By Brandon Harms, CISSP, CCNP, FCNSP, et al

A quick review of the Bureau of Labor Statistics Occupational Outlook shows us that ethical hackers will be in higher and higher demand over the next decade. With this demand, the need for a supply of highly qualified and professional information security personnel increases. The supply of highly qualified and professional personnel can only be created by organizations that can train and mentor them en masse, or rather, a large quantity of them relatively quickly. For ethical hackers the training material must be relevant, organized, and able to lay down the foundation on which one can build with real world experiences. More importantly, the delivery of said material must be engaging and from a respected source.

I recently traveled, metaphysically anyway, to the underground bunker in the Black Hills of such a source. The purpose of my journey was to interview SANS instructor, PaulDotCom staff member and Professor, John Strand. John has a unique background working with the government, commercial, and consulting industries prior to teaching that gives him insights into the art, learning path, and career outlook of the ethical hacker. During the week of the interview I sat through the SANS vLive! course, “Metasploit Kung Fu for Enterprise Pen Testing,” and I was impressed not only with the material but more importantly, as emphasized above, the delivery of the material.