Live, interactive cybersecurity training available through SANS Live Online. View upcoming events.

DFIR Summit & Training 2020 - Live Online

Virtual, US Eastern | Thu, Jul 16 - Sat, Jul 25, 2020

In response to the escalation of the COVID-19 pandemic, we've made the decision to convert this training event into a Live Online event.

The courses below will take place online, using virtual software to stream live instructors to all registered students during the scheduled classroom hours. (Eastern Time) This alternate training format will allow us to deliver the cybersecurity training you expect while keeping you, our staff, and our instructors as safe as possible.

Your registration for a Live Online course includes electronically delivered courseware, live streaming instruction by a SANS instructor, course labs, and four months of online access to course recordings.

Exhibitors

Our events incorporate external vendor partners showcasing some of the best security solutions available. Take advantage of the opportunity to interact with the people behind the products and learn what they have to offer you and your organization.

Platinum Sponsors

Blue Hexagon

https://www.bluehexagon.ai

Blue Hexagon is a deep learning innovator of Cyber AI You Can Trust to stop cyber adversaries and malware, before the infiltration. Our real-time deep learning platform delivers the worlds highest detection efficacy for zero-day and known threats, and orchestration and blocking controls, to protect enterprise network, cloud, and email.


Devo Technology Inc.

https://www.devo.com

Devo unlocks the full value of machine data for the worlds most instrumented enterprises. The cloud-based, multitenant Devo Data Analytics Platform, with its No-Compromise architecture, enables IT operations and SOC teams to realize the full transformational promise of machine data to drive growth.


DomainTools

http://www.domaintools.com

DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network and connect them with nearly every active domain on the Internet. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work.


ExtraHop

https://www.extrahop.com/

ExtraHop provides cloud-native network detection and response for the hybrid enterprise. Whether youre investigating threats, ensuring the availability of critical applications, or securing your cloud investment, ExtraHops breakthrough approach helps you rise above the noise so you can protect and accelerate your business.


Magnet Forensics

http://www.magnetforensics.com/

Magnet Forensics is a global leader in the development of digital investigation software that acquires, analyzes and shares evidence from computers, mobile devices, the cloud and more. Magnet Forensics tools are used by over 4000 agencies in 93 countries and has been helping investigators fight crime, protect assets and guard national security since 2011.


Palo Alto Networks

http://www.paloaltonetworks.com

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. For more information, visit www.paloaltonetworks.com.


ThreatConnect

http://threatconnect.com/

Designed by analysts but built for the team, ThreatConnects intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. To learn more about our TIP and SOAR solutions, visit www.ThreatConnect.com.


Gold Sponsors

NetEnrich

www.netenrich.com

Netenrich helps enterprises transform their operations to gain deeper visibility and contextual intelligence across their network, security and cloud. Its AI-powered SaaS solutions enable organizations to quickly understand their digital exposure, prioritize risks and remediate issues before they escalate. With Netenrich, users save time, respond faster and gain operational efficiencies.


Randori

https://www.randori.com/

Randori is your trusted adversary. Our Attack Platform empowers organizations with a continuous and automated red team experience they can use to better understand their attack surface and assess their real-world security. By mirroring todays adversaries, we help security teams identify gaps, prove effectiveness, and get better over time.


Silver Sponsors

Analyst1

https://analyst1.com/

Analyst Platform offers organizations a more efficient method of gathering and enriching threat intelligence. Inundated with various security tools, analysts rarely have time to investigate and remediate all threats. Analyst Platform eliminates labor-intensive tasks required to understand which threats matter most. Built by analysts for the enterprise, Analyst Platform allows the ability to author, test, and deploy effective countermeasures across multiple intrusion detection and prevention systems. www.analystplatform.com


Anomali

https://www.anomali.com/

AnomaliŽ delivers intelligence-driven cybersecurity solutions. Organizations rely on Anomali to harness threat data, information, and intelligence to make effective cybersecurity decisions that reduce risk and strengthen defenses. Anomali solutions enable collaboration and sharing of threat information among trusted ISACs and enterprises worldwide. For more information, visit us at www.anomali.com.


Basis Technology

https://www.basistech.com/


Bitdefender SRL

https://www.bitdefender.com/

Bitdefender has consistently outranked competitors in independent tests, becoming a trusted partner and a global leader in technology licensing. Worlds largest security-delivery infrastructure, #1-rated security technologies, easy to integrate, rebrand or bundle, +20 modular technology-licensing solutions for partners, +500 million customers protected daily, +150 Technology Partners in 150 countries.


Cellebrite

http://www.cellebrite.com/

Cellebrite is the global leader of Digital Intelligence solutions for the public and private sector. Cellebrite delivers an extensive suite of innovative software solutions, analytic tools, and training designed to accelerate digital investigations. The recent acquisition of BlackBag Technologies positions Cellebrite to continue helping customers address the growing complexity of handling crime and security challenges in the digital era. To learn more visit us at www.cellebrite.com


Cisco Umbrella

http://www.cisco.com/

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the internet wherever users go. Because it's built into the foundation of the internet, Umbrella delivers complete visibility into internet activity across all locations, devices, and users. By analyzing and learning from this activity, Umbrella automatically uncovers attacker infrastructure staged for current and emerging threats, and proactively blocks requests before a connection is established. With Umbrella, you can stop attacks earlier, identify already infected devices faster, and prevent data exfiltration. Umbrella provides an effective solution that is open, automated, and simple to use.


Corelight

https://www.corelight.com/

From the Acropolis to the edge of space, defenders have sought the high ground in order to see farther and turn back attacks. Corelight delivers a commanding view of your network so you can outsmart and outlast adversaries. We capture, interpret, and connect the data that means everything to defenders.


CrowdStrike, Inc.

http://www.crowdstrike.com

CrowdStrike is the leader in cloud-delivered endpoint security. Leveraging artificial intelligence (AI), the CrowdStrike FalconŽ platform offers instant visibility and protection across the enterprise and prevents attacks on endpoints on or off the network. CrowdStrike Falcon deploys in minutes to deliver real-time protection and actionable threat intelligence from Day One. It seamlessly unifies next-generation AV with best-in-class endpoint detection and response, backed by 24/7 managed threat hunting. Its cloud infrastructure and single-agent architecture take away complexity and add scalability, manageability, and speed.


Cyber Triage

https://www.cybertriage.com


Cyborg Security

https://www.cyborgsecurity.com

Cyborg Security is a pioneer in cybernetic threat hunting, delivering advanced, actionable threat hunting content via a first-of-its kind single platform. Cyborg delivers a tailored, cross-platform, solution that empowers defenders and enables organizations transform their threat hunting capabilities. Cyborg provides continuously updated content, context, scripts, and playbooks delivered as turn-key, ready-to-use hunting content your organization can deploy instantly. Automation can't replace humans, become a Cyborg - Click. Deploy. Hunt.


Exabeam

https://www.exabeam.com/

Exabeam is the Smarter SIEMTM company. We empower enterprises to detect, investigate and respond to cyberattacks more efficiently so their security teams can work smarter. With the Exabeam Security Management Platform, analysts can collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response.


Gigamon

https://www.gigamon.com

Gigamon is the first company to deliver complete network visibility and analytics across physical, virtual and cloud infrastructure. We help solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. In short, we enable you to run fast, stay secure and innovate.


RecordedFuture

https://www.recordedfuture.com

Recorded Future delivers the worlds most technically advanced security intelligence to disrupt adversaries, empower defenders, and protect organizations. Recorded Futures proactive and predictive platform provides elite, context-rich, actionable intelligence in real time thats intuitive and ready for integration across the security ecosystem. Learn more at recordedfuture.com


Siemplify

http://www.siemplify.co/

Siemplify, the leading independent security orchestration, automation and response (SOAR) provider, is redefining security operations for enterprises and MSSPs worldwide. The Siemplify platform is an intuitive workbench that enables security teams to manage their operations from end to end, respond to cyberthreats with speed and precision and get smarter with every analyst interaction. Founded in 2015 by Israeli Intelligence experts, with extensive experience running and training security operations centers worldwide, Siemplify has raised $58 million in funding to date and is headquartered in New York, with offices in Tel Aviv.


Sophos Inc.

http://www.sophos.com

Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from todays most advanced cyber threats. Powered by SophosLabs, our cloud-native and AI-enhanced solutions are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques.


Spect X

www.spectx.com

SpectX is a powerful log parser and query engine for DFIR, querying text-based log files in multiple storages like local file servers, AWS S3, Azure, Google Storage, Hadoop, ELK clusters and JDBC-databases. No data ingestion/indexing, no regex, unlimited data volumes. The desktop edition is free.


Interested in becoming an exhibitor? Learn more about all our vendor opportunities.