John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

• Penetration Testing
• Threat Hunting
• Log Analysis
• Incident Response
• Cloud Security Assessments

• Co-author of Offensive Countermeasures: The Art of Active Defense (2013)
• Contributor to the Penetration Testing Execution Standard (PTES)
• Contributor to the 20 Critical Controls frameworks
• Former co-host of Hack Naked TV and Security Weekly podcasts
• Presenter at information security conferences such as RSA and Black Hat
• Author of Black Hat’s "Active Defense, Offensive Countermeasures, and Hacking Back" course
• Author of SANS Institute’s "Hacker Tools, Techniques, Exploits and Incident Handling" course
• Former Information Assurance lead at Northrop Grumman and Accenture Certifications & Credentials

• CISSP – (ISC)2
• GCIH – GIAC

In his free time, John enjoys mountain biking, AT Skinning (or Ski Touring) and ranching.

John Strand joined the IANS Faculty in 2013. He delivers deep domain-level insights to clients in the following areas: penetration testing, threat hunting, log analysis, incident response, cloud security assessments.