Best Offers of the Year Ends Tomorrow - Don't Miss Out! Get an iPad Air with Smart Keyboard or Pixel 4a Smartphone!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Factoring IoT Devices into Detection and Response: A SANS Whitepaper

  • Thursday, May 28, 2020 at 1:00 PM EDT (2020-05-28 17:00:00 UTC)
  • Matt Bromiley, Michael Sanders


  • ExtraHop

You can now attend the webcast using your mobile device!



IoT is growing in the enterprise and becoming of greater concern as an unprotected threat vector.

An organization needs to understand if and how enterprise IoT devices like smart TVs, badge scanners, projectors, whiteboards, and printers, as well as unknown rogue devices, have been connected to the network.

  • Is your security team aware of every enterprise IoT device that sits in an office, lobby, conference room, or boardroom?
  • Have you completed an assessment of the network security risks from unmanaged, nonstandard devices?
  • Is there a plan for detecting and responding to malicious traffic if IoT devices are compromised?

This paper explores the growth of enterprise IoT devices and the implications for incident detection and response. The enterprise device landscape is constantly changing; your information security team must adopt practices to easily adapt.

With the right approach, your team can quickly identify IoT devices for greater visibility to detect and respond to any new threats that come their way.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Michael Sanders

Michael is responsible for architecting security implementations across hyper-converged networks and is part of ExtraHop's team of cloud security engineers who work directly with customers and prospects. A passionate technologist and evangelist, he brings fresh thinking to security threat detection. Prior to ExtraHop, Michael was a consultant working with multiple technologies across the security landscape. He holds a Masters Degree from the University of Arizona and a BBA from the University of Georgia. Michael speaks at industry events, supports security research organizations, and has been quoted in industry coverage.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.