Got GIAC? Free GIAC Cert Attempt Included with OnDemand 5 or 6 Day Training thru July 7


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

Implementing Active Breach Detection

  • Thursday, October 22, 2015 at 1:00 PM EDT (2015-10-22 17:00:00 UTC)
  • David Thompson, Dave Shackleford


  • LightCyber

You can now attend the webcast using your mobile device!



Do you have confidence you can prevent 100 percent of intrusion attempts? If not, how do you find attackers once they get in? Trying to do detection with the same signature-based techniques that attackers circumvent is a fool's errand. Instead, active breach detection utilizes machine learning techniques to profile what is normal on your network, and through integrated analysis of your network and endpoints exposes anomalous attacker behaviors. These behaviors are inherent to any successful attack, and if spotted early can ensure effective response and prevent damage. This webcast will discuss the role of active breach detection and the SANS Analyst Program review of the LightCyber Magna Platform and its intrusion detection features.

Sign up for this webcast and be among the first to receive a new SANS whitepaper outlining new techniques in breach detection.

Please send questions about this webcast to

View the associated white paper here.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

David Thompson

David Thompson has over 15 years of experience focused on information security. Prior to joining LightCyber, where he is senior director of product management, he served in product management leadership positions for OpenDNS, iPass, Websense, and Voltage Security (now HP). Before running product management at Voltage Security, Thompson was a program director at Meta Group (now Gartner), responsible for security research topics including encryption, PKI, remote access and secure network design. He holds a bachelors of science in physics from Yale University.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.