SANS Security West 2021 is right around the corner! Choose from over 30 interactive courses, plus Core & Cyber Defense NetWars.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SANS 2021 Endpoint Monitoring in a Dispersed Workforce Survey Results

  • Tuesday, March 16, 2021 at 1:00 PM EDT (2021-03-16 17:00:00 UTC)
  • Matt Bromiley


  • BlackBerry
  • Cisco Systems
  • Palo Alto Networks

You can now attend the webcast using your mobile device!



Past SANS surveys show that endpoints serve as some of the most common points to launch an attack more deeply into a targeted organizations network. Yet, despite the variety of tools and high-quality log sources available for detection, year after year we see a majority of respondents organizations have yet to adopt technologies (such as behavior monitoring or analytics) or configure their SIEMs to gather the required logs that can provide needed context. This years survey investigates how effectively organizations areor arentusing solutions that offer auditing or advanced endpoint detection and response (EDR) capabilities.

Click the Get Registered button to sign up for this webcast, and be among the first to receive the associated whitepaper written by SANS DFIR Instructor and survey author Matt Bromiley.

Click here to register for a panel discussion of the survey results on Tuesday, April 13, 2021, at 1 PM Eastern. 

Speaker Bio

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.