Take 10% Off More Than 30 OnDemand and vLive Online Courses Now


Incident Response Part 2: Growing and Maturing An IR Capability

  • Friday, August 15 at 1:00 PM EDT (17:00:00 UTC)
  • Alissa Torres and moderated by Jake Williams, with presentations by Lucas Zaichkowsky, Jennifer Glenn and Ben Johnson


  • AccessData Corp.
  • AlienVault
  • Arbor Networks
  • Bit9 + Carbon Black
  • HP
  • McAfee. Part of Intel Security.
You can now attend the webinar using your mobile device!


Security practitioners find themselves thinking a lot these days about incident response. A new SANS survey project, an outgrowth of the many recent data breaches and attacks plaguing enterprises large and small, asks IT professionals about the steps they take immediately following a breach discovery and how successful those steps really are.

Part 1 of this incident response webcast August 14 will highlight the results of the survey and talk about where we are as an industry in a typical six-step IR process.

Part 2, Friday, August 15, 1:00 p.m., will look at growing and maturing an IR capability.

The webcasts will also provide insight into incident response plans, attack histories, where organizations should focus their response efforts, and how to put all of the pieces together.

We will share key findings concerning respondents incident response wish lists and actionable takeaways from both respondents and SANS experts with deep field expertise in IR.

Attendees to both Parts 1 and 2 will have a chance to win a $50 Starbucks card.

Click here to view the associated whitepaper.

Speaker Bios

Alissa Torres

Alissa Torres is a certified SANS instructor specializing in advanced computer forensics and incident response. Her industry experience includes serving in the trenches as part of the Mandiant Computer Incident Response Team (MCIRT) as an incident handler and working on an internal security team as a digital forensic investigator. She has extensive experience in information security, spanning government, academic and corporate environments, and she holds a bachelor's degree from University of Virginia and a master's from University of Maryland in information technology. Alissa has served as an instructor at the Defense Cyber Investigations Training Academy (DCITA), delivering incident response and network basics to security professionals entering the forensics community. In addition to being a GIAC Certified Forensic Analyst (GCFA), she holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+.

Ben Johnson

Ben Johnson is chief evangelist for Bit9 + Carbon Black. In that role, he uses his experience as a co-founder and chief technology officer for Carbon Black, which merged with Bit9 in February 2014, to drive the company’s message to customers, partners, the news media and industry analysts. Ben, who was directly responsible for the powerful functionality of the Carbon Black endpoint threat detection and response (ETDR) solution, has extensive experience building complex systems for environments where speed and reliability are paramount. His background also includes working on advanced operational teams supporting U.S. national security missions and writing complex calculation engines for the financial sector.

Jake Williams

Jake Williams is founder and principal consultant at Rendition Infosec and a certified SANS instructor and course author. He has more than a decade of experience in secure network design, penetration testing, incident response, forensics, and malware reverse engineering. Before founding Rendition Infosec, he worked with various government agencies in information security roles. Jake is a two-time victor at the annual DC3 Digital Forensics Challenge.

Jennifer Glenn

Jennifer Glenn has been with Arbor Networks for nearly 2 years handling the go-to-market activities for the company’s enterprise-focused product line. Prior to Arbor, she worked in product marketing for HP’s TippingPoint division, working specifically with the security research teams – both the internally focused product team, DVLabs; and the externally-focused vulnerability intelligence team, known as the Zero Day Initiative. As part of this position, Jennifer also led the development and writing of the Bi-Annual Risk Report, which correlated vulnerability reports with attack events to provide a clearer picture enterprise security risk.

Lucas Zaichkowsky

Lucas Zaichkowsky is the enterprise defense architect at AccessData, responsible for providing expert guidance on the topic of cybersecurity. Prior to joining AccessData, Lucas was a technical engineer at Mandiant, where he worked with Fortune 500 organizations, the Defense Industrial Base and government institutions to deploy measures designed to defend against the world’s most sophisticated attack groups.

Need Help? Visit our FAQ page or email webcast-support@sans.org.