homepage
Open menu
Contact Sales

Andrew Laman

Andrew Laman is the founder and principal consultant at A4 InfoSec, an independent consulting firm with services focusing on monitoring, detection, and incident response. Andy has more than 25 years of information technology and security experience in multiple industries. He has held lead security positions in Fortune 500 and several global companies. Andy is a course contributor and teaches SEC503: Network Monitoring and Threat Detection In-Depth, for the SANS Institute. In addition to the CISSP, Andy holds multiple GIAC certifications including the prestigious GIAC Security Expert (GSE #142) certification as well as multiple other industry certifications.

More About Andrew
Specialties
Headshot of Andrew Laman

Profile

Andrew Laman has over 25 years’ experience in information technology and security covering many jobs: help desk, sysadmin, network engineer, and security analyst (performing both red team and blue team functions). In addition to technical roles, he’s held leadership positions from team lead to senior leadership roles including AVP of IT security and infrastructure. Andrew had the opportunity to work in many different industries and in locations throughout most of the world. 

In 2014, while studying for his SEC503 recertification exam, he found a typo in one of the labs: a missing comma from a Snort config. After reporting it to the course author, Judy Novak, they started a wonderful friendship. Judy allowed him to help test new labs, eventually leading to him writing course content and labs for SEC503. As they worked together, Judy encouraged and supported him becoming an instructor. She recognized how much he enjoyed mentoring and training teams and knew his love for packets would be a great fit for instructing SEC503. 

Andrew has always loved mentoring, teaching and sharing knowledge, especially about packets, but SEC503 is about much more. He enjoys working on developing critical thinking and analysis skills that help in almost all areas of security and IT. 

Andrew is the founder and principal consultant at A4 InfoSec, an independent consulting firm with services focusing on monitoring, detection, and incident response, as well as a SANS Senior Instructor and course contributor for SEC503: Network Monitoring and Threat Detection In-Depth. He is a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition.

Andrew has earned a number of certifications, including GSE, GCIH, GCIA, GSNA, GCFA, GPEN, GAWN, GXPN, GREM, GMOB, GNFA, GSEC, GMON, GCUX, GCDA, GPYC, GRID, and CISSP. 

When not crafting or manipulating packets, Andrew is an outdoor enthusiast usually attempting to keep his wife from getting lost up some mountain.

Watch Andrew present at the SANS Blue Team Summit



WEBCASTS

BLOG

showmethepackets.com