Stephen Northcutt was the original developer of the Shadow intrusion detection system and served as the leader of the Department of Defenses Shadow Intrusion Detection Team for two years. Most recently, he was the Chief for Information Warfare at the Ballistic Missile Defense Organization and now serves as the Director for GIAC Training and Certification for the SANS institute.
Mark Cooper graduated from UMIST in 1991 with a Bachelor of Science degree and a Master of engineering degree in microelectronic systems engineering. He spent many years as a Software Engineer and UNIX Systems administrator, and is now a SANS GIAC Certified Intrusion Analyst.
Matt Feurnow was the first to establish categories for the traces from completed GCIA practicals. He was formerly a network / security administrator for Pearson Education, currently works as an incident handler for SANS GIAC, and is a GIAC Certified Intrusion Analyst.
Karen Frederick is a senior security engineer for Network Flight Recorder. She is currently completing her master's degree thesis in intrusion detection from the University of Idaho's Engineering Outreach program. Karen holds several certifications, including MCSE+I, Check Point Certified Security Administrator, and GIAC Certified Intrusion Analyst.