Online Training Special Offer - Get an iPad Mini 4, Samsung Galaxy Tab A, or $250 Off OnDemand and vLive - Ends 9/27!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Incident Response Capabilities in 2016 - Part 1: The Current Threat Landscape and Survey Results

  • Wednesday, June 8th, 2016 at 1:00 PM EDT (17:00:00 UTC)
  • Matt Bromiley, Rob Lee (moderator), Tamar Shafler, Don Shin, Ann Sun and Ismael Valenzuela
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsors

  • AlienVault
  • Arbor Networks
  • HP Enterprise Security
  • IBM
  • McAfee
  • LogRhythm
  • NETSCOUT Systems, Inc.
  • Veriato

You can now attend the webcast using your mobile device!

Overview

The third annual SANS survey on incident response will look at the continuing evolution of incident response, how tactics and tools have changed in the last three years and how security professionals are dealing with increasing numbers and kinds of attacks.

Attendees at this first part of the two-part webcast will hear results of the survey and learn:
  • What the current threat landscape looks like
  • How many incidents and breaches incident responders are responding to
  • What the underlying cause of the resulting breaches is
  • What types of data were exfiltrated
  • How mature incident response programs are
  • What systems are included in investigations
  • What tools and processes are used in incident response

Part 2 of this webcast, on Thursday, June 9, 2016 at 1 PM Eastern, presents survey results and focuses on emerging trends in incident response.

Register to attend both parts of this survey-based webcast and be among the first to receive the associated whitepaper written by Alissa Torres.

View the associated whitepaper here.

Speaker Bios

Matt Bromiley

Matt Bromiley, is a SANS Digital Forensics and Incident Response instructor and a GIAC Advisory Board member. He is also a senior managing consultant at a major incident response and forensic analysis company, bringing together experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.


Rob Lee

Rob Lee is the curriculum lead and author for digital forensic and incident response at the SANS Institute. With more than 19 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention and incident response, he provides consulting services via HARBINGERS LLC. in the Boston, MA. area. Before directing services at HARBINGERS, Rob worked with government agencies in law enforcement, defense, and intelligence communities as a lead for vulnerability discovery and exploit development teams supporting Title10/50 cyber operations. Following his work in the intel community, he worked at the incident response firm MANDIANT for 5 years. Notably, he co-authored MANDIANT's first detail threat intelligence reports on Chinese APT activity titled "M-Trends: The Advanced Persistent Threat."


Tamar Shafler

Tamar Shafler, senior product manager for IBM Security, has more than 15 years of experience in software development, design and product management. She defines and delivers the roadmap for IBM's next generation endpoint security platform via BigFix, and works closely with the research and development, support and sales teams. Prior to joining IBM Security, Tamar was a product manager at Check Point Software Technologies.


Don Shin

Don Shin, senior technical product manager at AlienVault, has more than 20 years of experience in product management and marketing, focused around the networking, security and semiconductors industries. His background includes roles with Ixia, Freescale and AMD, among other technology companies. At AlienVault, Don enjoys developing technical resources to help customers understand how to best leverage the AlienVault platform to solve their security challenges.


Ann Sun

Ann Sun is director of product marketing for NETSCOUT'S Packet Flow Switch Business Unit. Her responsibilities include the portfolio of packet flow switches and taps solutions, with a focus on security solutions and partnerships. Prior to joining NETSCOUT, Ann headed marketing for VSS Monitoring, and held several different leadership roles at Cisco. She has been involved in various security solutions--802.1X security when she led marketing in the Wireless Networking Business Unit at Cisco, firewalls in the early days of Cisco's Security Business Unit, and physical security systems.


Ismael Valenzuela

Since he founded one of the first IT Security consultancies in Spain, Ismael Valenzuela has participated as a security professional in numerous projects across the globe over the past 17 years.

As a top cybersecurity expert with strong technical background and deep knowledge of penetration testing, security architectures, intrusion detection and computer forensics, Ismael has provided security consultancy, advice and guidance to large government and private organizations, including major EU Institutions and US Government Agencies.

Prior to his current role as Principal Engineer at McAfee, where he leads research on threat hunting using machine-learning and expert-system driven investigations, Ismael led the delivery of SOC, IR & Forensics services for the Foundstone Services team within Intel globally. Previously, Ismael worked as Global IT Security Manager for iSOFT Group Ltd, one of the world?s largest providers of healthcare IT solutions, managing their security operations in more than 40 countries.

He holds a bachelor's degree in computer science from the University of Malaga (Spain), is certified in business administration, and holds many professional certifications. These include the highly regarded GIAC Security Expert (GSE #132) in addition to GREM, GCFA, GCIA, GCIH, GPEN, GCUX, GCWN, GWAPT, GSNA, GMON, CISSP, ITIL, CISM, and IRCA 27001 Lead Auditor from Bureau Veritas UK.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.