Get an iPad Air w/ Smart Keyboard or Pixel 4a Smartphone with 5-6 day course registration! 30+ courses available May 10-15.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Accelerate SecOps Incident Response with High Performance Playbooks from Cortex XSOAR and Google Chronicle

  • Wednesday, November 04, 2020 at 3:30 PM EST (2020-11-04 20:30:00 UTC)
  • Matt Bromiley, Pramukh Ganeshamurthy, Anton Chuvakin, John McGovern


  • Chronicle
  • Palo Alto Networks Cortex

You can now attend the webcast using your mobile device!



Google Clouds Chronicle platform works seamlessly with Palo Alto Networks Cortex XSOAR solution to investigate and remediate security threats with speed and scale. Join this webinar to learn more about this integration and see our product teams walk through a live ransomware attack identification and remediation exercise in the product.  

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Pramukh Ganeshamurthy

Pramukh serves as Product Management and Marketing Manager for the Cortex XSOAR platform at Palo Alto Networks. He started his career as a cybersecurity consultant at an MSSP (managed security services provider) and over the years he has helped establish multiple security operation centers for enterprises of all sizes across different industry verticals. Prior to joining Palo Alto Networks with Demisto’s acquisition, Pramukh was a product manager with Cisco’s security business group managing cloud based next generation firewall management products.

Anton Chuvakin

Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance.

John McGovern

John McGovern, former principal systems engineer at ExtraHop and a lead post-sales engineer for F5 Networks, has managed security systems in a lot of different organizations, both large and small. During that time, John worked to troubleshoot and secure complex environments for customers of all sizes. As the Global Lead for Technology and Service Provider Engineering at Google Cloud, he now works to drive security solutions and integrations building on the Chronicle threat analytics platform.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.