Online Training Special Offer! Get an iPad Mini, Surface Go, or $300 Off thru Oct 2!


To attend this webcast, login to your SANS Account or create your Account.

EDR + NGAV Working Together: SANS Review of Carbon Black Cb Defense

  • Friday, September 15th, 2017 at 1:00 PM EDT (17:00:00 UTC)
  • Jerry Shenk and Brian Gladstein
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Carbon Black

You can now attend the webcast using your mobile device!


Endpoints of all types are falling victim to phishing, ransomware, wipeware, zero days, DDoS and other damaging attacks, according to multiple SANS surveys and industry reports. IoT devices are being conscripted into botnets for sending DDoS attacks, new variants of ransomware are being released and spreading at astonishing speeds, and the most cunning attackers are actively searching and traversing entire networks of endpoints (and hiding their tracks).

In this webcast, learn how next-generation antivirus (NGAV), combined with the power of endpoint detection and response (EDR), can accurately and completely connect dots between suspicious and unauthorized activities to detect and fully remediate real threats.

SANS analyst Jerry Shenk will reveal how he put Carbon Black's Cb Defense through simulated ransomware, malware and various malwareless attacks to see what it detected and how it took action. He will discuss how Cb Defense NGAV detects these threats, how the Cb Defense EDR maps suspicious activity and patterns into attack visualizations for incident response and remediation, and how Cb Defense shows the attack chain and the steps of remediation. Specifically, learn how Cb Defense detects, reacts to and helps remediate the following:

  • Simple, known malware
  • Command shell attacks via NetCat
  • PowerShell attacks
  • Ransomware attacks based on new variants

Click here and be among the first to receive access to the associated whitepaper written by Jerry Shenk.

Speaker Bios

Jerry Shenk

Jerry Shenk currently serves as a senior analyst for the SANS Institute and is senior security analyst for Windstream Communications, working out of the company's Ephrata, Pennsylvania, location. Since 1984, he has consulted with companies and financial and educational institutions on issues of network design, security, forensic analysis and penetration testing. His experience spans networks of all sizes, from small home-office systems to global networks. Along with some vendor-specific certifications, Jerry holds six GIAC certifications - all completed with honors - and five with Gold certifications: GCIA, GCIH, GCFW, GSNA, GPEN and GCFA. He also holds the CISSP certification.

Brian Gladstein

Brian Gladstein is a security market strategist and director of product marketing at Carbon Black. He leads the go-to-market efforts for Cb Defense, Carbon Black's next-generation AV product, which is disrupting the massive traditional antivirus industry. Drawing upon a diverse background that includes everything from software development to product management to customer marketing and advocacy, Brian is passionate about high-tech solutions that change the way we live and work.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.