Special Offer w/ OnDemand: Get an iPad (32 G), Galaxy Tab A, or Take $250 Off OnDemand Training thru Jan 27


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

2nd Annual Analytics and Intelligence Survey - Pt 2. Future State: Improving Intelligence and Threat Protection

  • Tuesday, October 14, 2014 at 1:00 PM EDT (2014-10-14 17:00:00 UTC)
  • Dave Shackleford, Colby DeRodeff, Seth Goldhammer, Nicholas J. Percoco


  • AlienVault
  • HP
  • LogRhythm
  • Mcafee LLC
  • Rapid7 Inc.
  • Anomali

You can now attend the webcast using your mobile device!



In 2013 SANS conducted its first analytics and intelligence survey. In this followup survey, we derive deeper understanding of the functional role of intelligence and analytics in the enterprise security management infrastructure. We will also further delve into which tools are implemented, the role of outside third-party service providers and whether or not intelligent analysis is improving an organization's ability to detect, defend and investigate attacks in their networks.

This webcast is presented in two parts.

Part 1. Current State: Detection and Response (October 9, 2014, at 1 PM Eastern)

This webcast will present survey results and focus on attempting to define analytics on using them to aggregate event data, correlate analytics with vulnerabilities and breaches, and improve detection and response efforts.

Part 2. Future State: Improving Intelligence and Threat Prevention (today's topic)

This webcast will present survey results and focus on threat intelligence that ties in with external feeds and "big data" to find unknowns.

Register and attend both webcasts to be eligible to win a $75 American Express gift card to be awarded LIVE during the October 14 webcast.

Plan to join us for both webcasts!

View the associated whitepaper

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Colby DeRodeff

Colby has spent nearly a decade working with global organizations guiding best practices and empowering the use of ArcSight products across all business vertical including government, finance and healthcare. Recognized as an expert in the field of IT security, Colby's primary areas of focuses are insider threat, the convergence of physical and logical security, as well as enterprise security and information management. As the leader of ArcSight's Technical Marketing team, Colby drives content for customers to more easily identify and solve complex real-world issues.

Seth Goldhammer

Seth Goldhammer is Senior Director of Product Management at LogRhythm, Inc. He has more than 16 years of experience working in the network management and security industry, including starting Roving Planet where he helped design and build go-to-market strategies for the industry's first network access control products. Seth has served in product management roles at TippingPoint, 3Com, and HP Networking, and is responsible for collecting market requirements and speaking at customer events for LogRhythm.

Nicholas J. Percoco

Nicholas J. Percoco is vice president of strategic services at Rapid7 and leads a team that advises customers on how to mitigate and respond to threats using data-driven analysis to empower more relevant, timely and impactful decisions. Nicholas has presented security research with a focus on custom malware, mobile devices and data breach trends to audience all over the world including a Keynote at RSA 2013, TEDx Naperville, and eight previous talks at DEF CON. He also enjoys running the THOTCON hacking conference in Chicago. Prior to joining Rapid7, he ran SpiderLabs at Trustwave and security practices at both VeriSign and Internet Security Systems

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.