"SANS is the only organization where I have seen students bursting to get out of class to apply their newly acquired skills to current casework," he says.
Matt fell into this career somewhat by accident, taking on a junior analyst role because the team was great and the work sounded exciting. "My first day, I was working a keylogger case that required me to examine various hardware, test information, extract USB information, and decode logged keys," he recalls. "I was hooked!"
Since then, Matt has built a wide-ranging career that gives him a broad perspective on digital forensics. He has helped organizations of all types and sizes, from multinational conglomerates to small, regional companies. His skills run the gamut from disk, database and network forensics to malware analysis and classification, incident response/triage and threat intelligence, memory analysis, log analytics, and network security monitoring. Along with traditional database forensics, Matt has experience deploying such tools as Elasticsearch, Splunk, and Hadoop to assist in large-scale forensic investigations, network security monitoring, and rapid forensic analysis on over 100 systems and over 10TB of logs. He has a particular interest in database and Linux forensics, as well as in building scalable analysis tools using free and open-source software.
Matt understands the importance of making the information he's teaching relatable to students. "It's easy to picture every scenario as an advanced persistent threat attack, but some students don't perform those investigations," he explains. So Matt looks for the common ground among all of the specific artifacts and the bigger picture that each artifact helps develop, thus enabling students to enhance their investigations and succeed in their day-to-day careers.
His extensive experience in digital forensics shines through in his teaching. An energetic, enthusiastic instructor, Matt sees digital forensics as a puzzle that is begging to be solved. He loves piecing together artifacts to tell a vivid story about what has happened, and he strives to inspire his students to have the same passion for "completing the puzzle."
Outside of work, Matt loves spending time with his family, cooking Texas BBQ, and making his house as automated as possible in hopes that it will one day do work for him.
ADDITIONAL CONTRIBUTIONS BY MATT BROMILEY:
Rethinking Security Detection in an XDR World, August 2020
Knock, Knock: Is This Security Thing Working?, March 2020