Two More Days to Get a $400 Amazon Gift Card with qualifying OnDemand course purchase! Don't Miss Out!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The Foundation of Continuous Host Monitoring

  • Wednesday, April 03, 2019 at 1:00 PM EDT (2019-04-03 17:00:00 UTC)
  • Matt Bromiley, JJ Cranford


  • OpenText Inc.

You can now attend the webcast using your mobile device!



Let's face it; deep dive forensics at scale is not realistic. Most enterprises lack time, experience, and other resources, and the deep dive approach does not scale well. Enterprises continue to struggle with incident scoping and remediation, in large part due to a lack of visibility and insight. In contrast, real-time, host-based visibility is crucial to detecting and defending against modern adversarial techniques.

This SANS webcast will look at the benefits of continuous host monitoring, the architecture behind successful setups, and considerations for success. Learn how to scope and implement continuous monitoring effectively, and examine examples of it in action.

Register now to attend this webcast and be among the first to receive the associated whitepaper (with tips, advice and recommendations) written by SANS community instructor and analyst, Matt Bromiley.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

JJ Cranford

JJ Cranford is a Senior Product Marketing Manager at OpenText responsible for the EnCase™ Security suite of products. JJ joined OpenText with the acquisition of Guidance Software where he was responsible for the go-to-market strategy for EnCase Endpoint Security, Risk Manager, and eDiscovery products.  He provides insight into market trends, industry challenges, and solutions in the areas of incident response, endpoint security, risk management, and compliance to G2000 enterprise clients.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.