

This webcast has been archived. To view the webcast, log in to your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Learn how to hunt for threats using a Cloud Native SIEM

  • Wednesday, January 27, 2021 at 1:00 PM EST (2021-01-27 18:00:00 UTC)
  • James Pleger, Brian Gardiner, Jake Williams


  • Sumo Logic




In this session we will review the 2020 threat landscape and discuss how to hunt for threats that we face in the COVID-19 world.

First, we will go into detail about how the threat landscape has evolved with more and more employees working remotely. After that, we will discuss common tactics that threat actors are using to target businesses and how to detect these threats. Lastly, we will discuss supply chain attacks and show examples of different attacks as you would see them from a well-instrumented point of view.

Threat hunting does not have to be a complex activity limited to sophisticated security practitioners and specialized tools. During this informative webinar, you will learn from the Sumo Logic SpecOps team how to use a cloud-native SIEM to:

  1. Easily incorporate threat intelligence into hunting
  2. Create custom rules that accelerate identification
  3. Rapidly identify complex threats

Speaker Bios

James Pleger

I am currently the manager for the SpecOps team at Sumo Logic, focusing our efforts on Hunting, Threat Intelligence and generally helping our customers improve their security posture. I have been in the industry for over 15 years and worked at both large and small organizations in the public and private sector. A major portion of our day-to-day work is identifying new threats, creating custom detection and helping mitigate them once found. Our team has a number of specializations which help us improve our detection methodologies, including malware analysis, intelligence collection and intelligence analysis.

Brian Gardiner

Brian Gardiner currently works as a Senior Threat Analyst for the SpecOps team at Sumo Logic. He has over 8 years of experience focused solely on cybersecurity, with previous positions ranging from vulnerability analyst to security engineer, across the public and private sectors. Before starting at Sumo Logic, Brian worked as a Senior Incident Response Analyst with IBM X-Force IRIS, and at Aetna as the Information Security Advisor for the Security Data Analytics Team. He has a passion for using his knowledge of working with large data sets to identify malicious activity and generate detection logic that can help his customers.

Jake Williams

Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.
