SANS 2021 features 30+ Interactive Courses, Three NetWars Tournaments, Trivia Night, and Bonus Talks. Save $150 thru Tomorrow!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

72-Hours-to-Disclose Survival Guide: Accurate Scoping and Impact Assessment of Breaches

  • Tuesday, February 26, 2019 at 1:00 PM EST (2019-02-26 18:00:00 UTC)
  • John Matthews, John Pescatore


  • ExtraHop

You can now attend the webcast using your mobile device!



With data breach reporting requirements tightening, there even greater pressure on incident response teams to understand the scope and impact of an incident. This webinar will discuss the role that network traffic analysis can play in speeding up incident response. You will learn how network traffic analysis can provide the context needed to empower your analysts to quickly investigate incidents and get definitive answers. 

Speaker Bios

John Matthews

John Matthews is the CIO at ExtraHop, where he oversees the continuous expansion of the IT environment and counsels the company's enterprise customers as they evolve their IT operations. Before joining ExtraHop, John led IT strategy at F5 Networks, where he was CIO for nearly a decade. John guided F5 to the early adoption of new technologies, such as SaaS and cloud computing, to drive costs down while raising overall quality. Previously, John served as an IT leader for MSN Operations at Microsoft, as CIO at Towne Exploration Company, and as Director of IT Operations at Adobe.

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.