Matt Bromiley
Certified InstructorSecurity R&D at Prophet Security
Specialities
Cybersecurity Leadership
Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsCybersecurity Leadership
Matt Bromiley is the Lead Solutions Engineer at LimaCharlie, where they build and maintain some of the best cybersecurity infrastructure capabilities. He has 12+ years of experience in the cybersecurity industry making life difficult for cyber threat actors. He also serves as a GIAC Advisory Board member, a subject-matter expert for the SANS Security Awareness, and a technical writer for the SANS Analyst Program. Matt brings his passion for incident response and leadership to the classroom as a SANS Instructor for LDR553: Cyber Incident Management.
Matt continues to demonstrate passion for the topics being taught. The real-world examples he provides are a great addition to supplement the content in the book.
FOR508 lead by Matt Bromiley has dramatically increased my DFIR skills in less than a week, anyone serious about incident response or windows forensics must take this course.
I really valued Matt's lectures, and most importantly, his enthusiasm and expertise on forensics.
Here are upcoming opportunities to train with this expert instructor.
Explore content featuring this instructor’s insights and expertise.
This isn't your typical "don't pay ransoms" talk. We'll explore the harsh realities where business continuity and regulatory pressure create impossible choices, providing practical frameworks for decision-making under duress, technical protocols for verifying attacker claims, and strategies for maintaining leverage when all seems lost.
Cybersecurity leaders and compliance professionals are under increasing pressure to meet a growing array of global regulations—all while maintaining effective threat detection and response capabilities. Traditional monitoring is no longer enough. Full Packet Capture (FPC) is rapidly emerging as a foundational requirement—not only for real-time visibility and forensic analysis, but as a direct response to regulatory mandates in the U.S., EU, and beyond.
Join Matt Bromiley and Chris Schwind for a first look at Tanium Autonomous Endpoint Management (AEM), a next-generation platform that unifies IT and Security operations with AI-driven intelligence.
Join leading experts as they discuss how AI is transforming business operations, enhancing decision-making, and creating new opportunities for growth.
Join us on September 16, 2025, at 1:00pm ET for a deep dive into how modern enterprises can keep pace with today’s fast-moving threat landscape.
This webcast explores how to bring clarity and control back to your hybrid security strategy—with practical guidance on Zero Trust, unified monitoring, and the evolving role of AI in modern defense.
Join us at the 2025 Government Security Forum on July 22nd at 10:00 AM ET to gain intelligence, tools, and real-world strategies needed to defend your agency against next-generation cyber threats. Register for free today!
Join us for the Ransomware Summit Solutions Track 2025 to explore the full spectrum of ransomware dynamics. Learn how threat actors are adapting their strategies, where vulnerabilities still exist, and why the cycle of paying ransoms endures.
Explore the latest breakthroughs shaping the future of cybersecurity. The Emerging Technology track brings together though leaders and innovators to showcase advancements. Gain insights on how these developments will impact defense strategies in the coming years.
As cloud security controls mature, it's common to find that a wide variety of security controls and configuration capabilities are melding into a single platform or service fabric, in addition to the cloud provider infrastructure. Ranging from CNAPP to CSPM to CWPP and beyond, controls that cover the pipeline, workload security, cloud environment configuration, IaC templates, and runtime (and much more) are starting to evolve into a much more consolidated set of solutions. What does cloud security look like in 2024 and beyond? Chances are, you are talking to a set of providers that offer a lot of these features, and that's a great thing for security and cloud engineering teams.Register for this webcast now and be among the first to receive this white paper.
Two years ago, artificial intelligence (AI) was primarily a buzzword, but the times have changed quickly! The rapid integration of artificial intelligence in multiple sectors has revolutionized operational efficiency, data analytics, and automation.Join us for our AI-focused solutions track and explore how leading cybersecurity companies are implementing AI into their offerings, along with discussions on a variety of topics, including successes, challenges, and strategies to utilize these emerging technologies to help us secure our organizations and accomplish tasks that weren’t feasible until now.
Mobile security is paramount in today’s digital age of enterprise applications. End-user devices and enterprise applications are becoming prime targets for threat actors, due to their ubiquity and coverage. With the rapid growth of mobile applications, the security landscape has evolved. Organizations must utilize resources to safeguard sensitive data and maintain the integrity of their applications.
Human-powered security—aka community-driven bug bounties—can be a game changer for your offensive security strategy. Complementary to red teaming and penetration testing, bug bounties can help organizations enhance their security posture, protect customer data, and ensure business continuity. In this webcast, we’ll examine the unique advantages of these programs, from advanced threat detection to continuous security improvements.
In today's hostile digital landscape, government agencies face a relentless barrage of cyber threats. Furthermore, agencies face a continuing stream of legislative, executive, and oversight recommendations, constantly keeping teams and technologies on their toes. This SANS Solutions Forum equips public sector cybersecurity teams with the essential knowledge to address these challenges and modern threats head-on.
In this session, we will unveil the latest security posture innovations in Microsoft Defender for Cloud, that empower security teams to identify security vulnerabilities spanning from code to cloud.
Get ready for an exclusive event where we dive into the latest insights from our survey followed by an exclusive hands-on experience with Palo Alto’s Cortex XSOAR platform. This two-part forum will uncover what drives automation in security teams and how advanced SOAR tools can revolutionize SOC operations.
It’s 2024. Ransomware is no longer new, the threats and risks are well known, the cases and payouts are public. Even with this ominous threats, why are security teams still caught off guard when their environments fall victim? It’s 2024 - the year we stop waiting for the adversary.
Join us to explore how you can enable secure access to any app or resource, from anywhere using Microsoft’s identity-centric Security Service Edge (SSE) solution. Our experts will delve into Microsoft Entra Private Access, a core component of SSE, focusing on key use cases and scenarios. Discover how this solution enhances security for private apps and resources, ensures user productivity, and reduces the complexity and risk of legacy VPNs.
The cloud has changed infrastructure for all organizations and Federal agencies are no exception. However, it’s not as easy as simply “flipping the switch” because there are a myriad of regulatory requirements and considerations to navigate, and it requires careful planning and implementation.
Join the Attack Surface and Vulnerability Management Track to hear from chairperson Matt Bromiley and a host of leading cybersecurity experts as they walk through specific use cases and challenges.
Review relevant educational resources made with contribution from this instructor.