Just getting started in infosec and need some guidance on virtualization? Used virtual machines before, but want to expand to a more complex, dedicated virtual lab? This talk will cover the numerous hardware and software options you should consider, and will discuss both simple and complex configurations. The focus will be on setting up a lab that is home friendly, inexpensive, and as flexible as possible. Offense and defense setups will be discussed, as well as recommendations for virtualization software, server hardware, and networking gear. You will leave with a list of VMs to use, an understanding of the benefits of hosted vs. bare metal hypervisors, different virtualization packages, and how to build an inexpensive lab that emulates a multi-tiered corporate environment.
John is a Community SANS Instructor and Lead Analyst for GlaxoSmithKline's U.S. Security Operations Center. His daily responsibilities include detecting and defending against targeted attacks, threat hunting, incident response, and malware reverse-engineering. With degrees in Electrical and Computer Engineering focusing on cyber security, his interest and research spans from malware, penetration testing, and security monitoring, to mobile device attacks, car hacking, and the Internet of Things. He is GIAC GMON, GPEN, and GREM certified, is passionate about information security, and loves to attend all the conferences he can get to. In his free time, he studies malware, runs a honeypot network, and enjoys slowly turning his home into a data center. He maintains a web presence with his blog at 909research.com and on twitter @JHub908, where he writes on current threats, malware, security monitoring, and his growing virtualization lab.