New In-Person Event locations added! Choose your event, and join us for practical cyber security training.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Accelerate SecOps Incident Response with High Performance Playbooks from Cortex XSOAR and Google Chronicle

  • Wednesday, November 04, 2020 at 3:30 PM EST (2020-11-04 20:30:00 UTC)
  • Matt Bromiley, Pramukh Ganeshamurthy, Anton Chuvakin, John McGovern


  • Chronicle
  • Palo Alto Networks Cortex

You can now attend the webcast using your mobile device!



Google Clouds Chronicle platform works seamlessly with Palo Alto Networks Cortex XSOAR solution to investigate and remediate security threats with speed and scale. Join this webinar to learn more about this integration and see our product teams walk through a live ransomware attack identification and remediation exercise in the product.  

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Pramukh Ganeshamurthy

Pramukh serves as Product Management and Marketing Manager for the Cortex XSOAR platform at Palo Alto Networks. He started his career as a cybersecurity consultant at an MSSP (managed security services provider) and over the years he has helped establish multiple security operation centers for enterprises of all sizes across different industry verticals. Prior to joining Palo Alto Networks with Demisto’s acquisition, Pramukh was a product manager with Cisco’s security business group managing cloud based next generation firewall management products.

Anton Chuvakin

Dr. Anton Chuvakin is currently Head of Solution Strategy at Chronicle Security, a division of Google Cloud. 

Until recently, Dr. Anton Chuvakin was a Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. He is a recognized security expert in the field of SIEM, log management and PCI DSS compliance. He is an author of books \"Security Warrior\", \"PCI Compliance\", \"Logging and Log Management\" and a contributor to \"Know Your Enemy II\", \"Information Security Management Handbook\" and many others. Anton has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS, honeypots, etc. His blog was one of the most popular in the industry. 

John McGovern

John McGovern, former principal systems engineer at ExtraHop and a lead post-sales engineer for F5 Networks, has managed security systems in a lot of different organizations, both large and small. During that time, John worked to troubleshoot and secure complex environments for customers of all sizes. As the Global Lead for Technology and Service Provider Engineering at Google Cloud, he now works to drive security solutions and integrations building on the Chronicle threat analytics platform.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.