Meet Your Instructor: Karl Hansen
The Q & A
Tell us about yourself:"Hi. I’m Karl. I live in the Mountain West region of the United States. I have been working in Cyber Security for over 4 years. Prior to working in Cyber Security, I worked in several industries including nuclear medicine, furniture, and plumbing. I have a Bachelor of Arts in History, a Masters of Science in Information Systems, the CISSP, and GIAC. Outside of my professional life, I thoroughly enjoy working with my hands. I have done a lot of work upgrading houses, as well as milling lumber with my chainsaw with the goal of turning the wood on my lathe into something beautiful. I am also something of an urban homesteader, in that, I have a fairly large garden, a flock of chickens, and my corgi, Menchi. I have a wonderful family to help me with these tasks, and I enjoy every minute of it."
What brought you to teaching on Cybrary:"In my current role as a Cyber Security Analyst Engineer, I have the opportunity to work with a large number of interns coming through the SOC. Our interns are typically working on a degree of some sort with the goal of getting a job after. Since I came through the internship program myself, it puts me in a unique position to act as a mentor and help these people figure out next steps and direction. I have found it incredibly rewarding to be able to help people at a turning point in their professional life. One of my goals while teaching with Cybrary is to help other people just starting on this path to find their way to a good place.My other goal while teaching for Cybrary is to create courses that will help cover the knowledge gap in Cyber Security. The saying, “A rising tide lifts all boats,” is very relevant to our industry. There is a ton of knowledge that is on the Internet, but not all of it is easily accessible. By creating content on Cybrary, I want to help fill knowledge gaps in areas that I have been able to get professional and personal experience."
Tell us about your course:"My course is Intro to Security Onion. Security Onion is fairly well known in some circles, but to many others, it is a complete unknown. My goal with this course is to bring better awareness to this excellent tool and to give a jumping-off point for people wanting to get started with network monitoring and forensics.To achieve this goal I have put together a course that explains what Security Onion is and what it’s capable of, the tools that are built into it, how to use them, how to install and configure both a standalone instance and a distributed environment, and some best practices and tips for management. The course also includes demonstrations of using Security Onion as a forensics tool where we replay network traffic from a malware infection to determine what happened post-infection, and a demonstration of using Security Onion as a sniffing tool to grab and process traffic in near real-time, as you would when doing Network Security Monitoring.By the end of the course, students should have a much better understanding of SecurityOnion and where it can be useful in Cyber Security. They should also have a good idea on how to start using it themselves to learn the joys of network forensics and continuous monitoring."
Education/Experience in Cyber Security:
Education/Certifications:"I got my start in Cyber Security in Graduate School. After some classes, I was able to get an internship in a SOC working as a Tier 1 analyst. Once I graduated they liked me well enough to take me on full time. In this role, I work on SIEM, NSM, UEBA, and DAMtechnologies as a Security Admin, and also work as a Tier 2 analyst. In my first two years in the field working full time I was able to get my CISSP and GCIA. I continue with my education through sites like Cybrary, as well as with personal and professional projects."
Interests in Cyber Security:"Most of my focus on Cyber Security has been around monitoring. Several of the tools that I manage are taking in terabytes of data a day, and I have the joy and pleasure of sorting through these logs to find signs of evil. Some of the logs I work with are; network full packet captures, database activity logs, and then everything else. I am open to learning more on the pen testing side, but it’s been so interesting reverse engineering attacks that are coming in that I haven’t devoted the brainpower to it."
Do you like to write about your infosec knowledge, skills, opinions, or exploits?
Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!