SANS Instructors

With a strong foundation in cybersecurity, marked by a long list of GIAC certifications, Ryan’s expertise and educational approach make him exceptionally qualified to teach and mentor the current and next generation of cybersecurity professionals.

Kai has worked in a wide range of IT security roles for 15+ years, focusing in industrial control systems and incident response. He is the Director of Global Incident Response Services at Dragos, Inc.

As a Special Agent with the Air Force Office of Special Investigations, Chad served on the national computer intrusion team and helped expand counter-espionage techniques. At SANS, Chad is a senior instructor and co-author for FOR500 and FOR508.

After serving as the senior cyber tactics development lead in the U.S. Air Force, Matthew founded Open Security in 2014, which performs full-spectrum vulnerability risk assessments, and has been a SANS instructor since 2016.

Tony Turner has reshaped critical infrastructure security by advancing SBOM maturity and Cyber-Informed Engineering, while pioneering adversarial AI simulations and digital twin technologies as VP at Frenos.

With 15+ years of experience across government, telecom, finance, and technology, Kevin has honed his skills in network engineering and security, incident response, and tool development. His certifications include GCIH, GPEN, GCIA, GNFA, and GCWN.

Dr. Johannes Ullrich is the Dean of Research for SANS Technology Institute, a SANS Faculty Fellow, and founder of the Internet Storm Center (DShield.org) which provides a free analysis and warning service to thousands of Internet users and organizations.

Ismael Valenzuela, VP of Threat Research & Intelligence at Arctic Wolf, has fortified global cybersecurity by leading critical threat intelligence initiatives and pioneering defenses against AI-driven threats like deepfakes and ransomware.

NVISO co-founder and SANS Senior Instructor, leading cybersecurity education in advanced adversary tactics. Experienced in offensive security with extensive background in penetration testing and ethical hacking across Europe.

Jeroen is the security architecture team lead and incident manager at NVISO where he specializes in security architecture, cloud security, and continuous security monitoring.

Larry Vandenaweele is a manager at PwC Australia's Cyber and Forensics Practice where he focuses on security architecture design, penetration testing and governance for organizations dealing with control system environments.

Brian Ventura, a Partner at Cyverity, an information security consulting firm specializing in governance, focuses on enterprise information security governance, risk, and compliance.