Join us for in-depth talks, exclusive networking, and world-class training at Security Awareness Summit Dec 1-4!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Bolster your Cyber Terrain with Endpoint Forensics

  • Thursday, June 20, 2019 at 1:00 PM EDT (2019-06-20 17:00:00 UTC)
  • Alissa Torres, Justin Swisher


  • Fidelis Cybersecurity

You can now attend the webcast using your mobile device!



Visibility is critical to the realm of cybersecurity. Cloud based applications and data storage, along with IoT and smart devices, are expanding the attack surface and creating more blind spots for adversaries to target. Criminals and nation state actors continue to innovate and up their level of sophistication in order to leverage these blind spots, forcing organizations into a reactive security posture. However, defenders can move from this reactive stance into a more proactive one through the practice of threat hunting actively seeking to discover malicious activity for which passive detection systems do not have signatures. Threat hunting takes many forms and names, one of which is proactive DFIR. By combining proven practices with proper tools, organizations can achieve the continuous, real-time visibility required to protect their critical assets.

Join SANS Principal Instructor, Alissa Torres, and Fidelis MDR Threat Hunter, Justin Swisher, who share threat hunting techniques for defending the cyber terrain from the zero-day threats of tomorrow. The webinar will help you uncover:

  • State of the threat landscape
  • Importance of endpoint forensics in threat hunting
  • How to obtain endpoint visibility
  • Installed Software & CVE Correlation
  • Endpoint investigation & forensics
  • Responding to threats with custom and built-in scripts

Speaker Bios

Alissa Torres

Alissa Torres is a SANS analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.

Justin Swisher

 Justin Swisher is a Threat Hunter at Fidelis Security. Building on more than twelve years of IT security experience with an emphasis in network security architecture and monitoring, Mr. Swisher has worked to develop new techniques to improve detection and threat hunting. After spending four years with the Air Force as an intelligence analyst, Mr. Swisher brought those analytical skills to leading cybersecurity vendors in an effort to improve network security detection and response.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.