Get an iPad Air w/ Smart Keyboard, Pixel 4a Smartphone, or Take $350 Off with Online Training! Offer Ends Soon!


To attend this webcast, login to your SANS Account or create your Account.

Endpoint Detection and Response: Part 2 of the SANS 2018 Endpoint Security Survey Results

  • Thursday, June 14, 2018 at 1:00 PM EDT (2018-06-14 17:00:00 UTC)
  • Lee Neely, Alissa Torres, Mike Nichols, Ratnesh Saxena, Rick McElroy, Sandeep Kumar


  • Carbon Black
  • CrowdStrike, Inc.
  • Endgame
  • Forescout Technologies BV
  • Malwarebytes
  • Mcafee LLC
  • OpenText Inc.

You can now attend the webcast using your mobile device!



In our 2017 survey on endpoint security, 53% of respondent organizations experienced one or more breach that started at their endpoints - yet 79% couldn't find these breaches and threats to their endpoints without advanced knowledge of the compromise, and 74% couldn't determine if remediation was fully complete.

In this new 2018 endpoint survey, publishing in association with the SANS DFIR Summit, SANS revisits threats, protections and response capabilities impacting endpoints. Results are presented in a two-part webcast series. The whitepaper and webcast developed from this survey are intended to promote better endpoint hygiene and provide valuable thought leadership to the community.

Part 1 of this webcast series, on June 13, 2018, focuses on endpoints themselves and the technologies used to protect them. Click here to register for the Part 1 webcast.

In this second installment of the 2018 endpoint survey results webcast, we uncover:

  • How organizations are monitoring their endpoints and networks to detect threats to their endpoints
  • The value of utilizing services vs on premises endpoint monitoring
  • Average time to detect and average time to fully remediate
  • Best practices to integrate remediation workflow
  • Enablers and barriers to improving endpoint protection and response capabilities

Attend this webcast and get early access to the associated survey whitepaper developed by SANS Analyst and mentor instructor, Lee Neely.

View the associated whitepaper here.

Speaker Bios

Lee Neely

Lee Neely, a SANS analyst and mentor instructor, teaches cyber security courses for SANS and serves as a NewsBites editor and OnDemand quality control tester. He worked with the SCORE (Security Consensus Operational Readiness Evaluation) project to develop the iOS Step-by-Step Configuration Guide and the Mobile Device Configuration Checklist included in the SEC575 course. Lee holds the GMOB, GPEN, GWAPT, GAWN, CISSP, CISA, CISM and CRISC certifications. He leads the cyber security new technology group at the Lawrence Livermore National Laboratory, working to develop secure implementations of new technology, including developing the secure configurations, risk assessments and policy updates required for its corporate and bring-your-own-device mobile devices.

Alissa Torres

Alissa Torres is a SANS analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.

Mike Nichols

Mike Nichols,†VP of Product Management at Endgame, manages the Endgame endpoint protection platform. Mike leverages years of commercial and federal product development experience, as well his time as an Army cyber intelligence analyst, to ensure the product not only has a superior workflow, but also optimizes the analyst's time. He divides his time between internal engagement with engineering and customer support, and external engagement with existing customers and new sales prospects to better understand the needs of the customer and ensure proper translation to mission-enabling features. Prior to working at Endgame, Mike served in a variety of technical leadership roles at Fortscale, General Dynamics Fidelis Cybersecurity Solutions, and Deloitte.

Ratnesh Saxena

Ratnesh Saxena is Director of Product Management at McAfee, defining the vision, strategy, roadmap and go-to-market motions for endpoint detection and response (EDR), threat intelligence and advanced threat detection solutions.†Prior to McAfee, Ratnesh held product management roles at Cisco Security, leading multiple strategic initiatives such as CASB, threat research (TALOS) and integrated threat defense. He also led multiple acquisition integrations, including the integration of Sourcefire AMP in the Content Security portfolio and the integration and scale-up of the Cognitive Security acquisition. He holds a Masterís degree from Michigan State University and an MBA from the University of California, Berkeley.

Rick McElroy

Rick McElroy, Security Strategist for Carbon Black, has more than 15 years of information security experience educating and advising organizations on reducing their risk posture and tackling tough security challenges. He has held security positions with the U.S. Department of Defense and in several industries, including retail, insurance, entertainment, cloud computing and higher education. A fierce advocate for privacy and security who believes education and innovation are the keys to improving the security landscape, Rick is program chair for the Securing Our eCity Foundation's annual CyberFest, a San Diego event dedicated to educating public and private sector security and IT professionals and business executives on the realities of security.

Sandeep Kumar

With 20 years of experience in enterprise security,†Sandeep Kumar†is the Senior Director of Product and Technical Marketing at Forescout. In his current role, he is responsible for various aspects of Forescout's go-to-market, product and content strategy. He has previously held senior positions in technical marketing, product management and engineering at several IT security companies. Sandeep holds MS and BS degrees in computer science.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.