Back By Popular Demand! - Newest iPad Pro, Surface Pro 4 or $550 Off OnDemand or vLive!


To attend this webcast, login to your SANS Account or create your Account.

Incident Response Capabilities in 2016 - Part 1: The Current Threat Landscape and Survey Results

  • Wednesday, June 8th, 2016 at 1:00 PM EDT (17:00:00 UTC)
  • Matt Bromiley, Rob Lee (moderator), Tamar Shafler, Don Shin, Ann Sun and Ismael Valenzuela
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • AlienVault
  • Arbor Networks
  • HP Enterprise Security
  • IBM
  • McAfee
  • LogRhythm
  • NETSCOUT Systems, Inc.
  • Veriato

You can now attend the webcast using your mobile device!


The third annual SANS survey on incident response will look at the continuing evolution of incident response, how tactics and tools have changed in the last three years and how security professionals are dealing with increasing numbers and kinds of attacks.

Attendees at this first part of the two-part webcast will hear results of the survey and learn:
  • What the current threat landscape looks like
  • How many incidents and breaches incident responders are responding to
  • What the underlying cause of the resulting breaches is
  • What types of data were exfiltrated
  • How mature incident response programs are
  • What systems are included in investigations
  • What tools and processes are used in incident response

Part 2 of this webcast, on Thursday, June 9, 2016 at 1 PM Eastern, presents survey results and focuses on emerging trends in incident response.

Register to attend both parts of this survey-based webcast and be among the first to receive the associated whitepaper written by Alissa Torres.

View the associated whitepaper here.

Speaker Bios

Matt Bromiley

Matt Bromiley, is a SANS Digital Forensics and Incident Response instructor and a GIAC Advisory Board member. He is also a senior managing consultant at a major incident response and forensic analysis company, bringing together experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Rob Lee

Rob Lee is the curriculum lead and author for digital forensic and incident response at the SANS Institute. With more than 19 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention and incident response, he provides consulting services via HARBINGERS LLC. in the Boston, MA. area. Before directing services at HARBINGERS, Rob worked with government agencies in law enforcement, defense, and intelligence communities as a lead for vulnerability discovery and exploit development teams supporting Title10/50 cyber operations. Following his work in the intel community, he worked at the incident response firm MANDIANT for 5 years. Notably, he co-authored MANDIANT's first detail threat intelligence reports on Chinese APT activity titled "M-Trends: The Advanced Persistent Threat."

Tamar Shafler

Tamar Shafler, senior product manager for IBM Security, has more than 15 years of experience in software development, design and product management. She defines and delivers the roadmap for IBM's next generation endpoint security platform via BigFix, and works closely with the research and development, support and sales teams. Prior to joining IBM Security, Tamar was a product manager at Check Point Software Technologies.

Don Shin

Don Shin, senior technical product manager at AlienVault, has more than 20 years of experience in product management and marketing, focused around the networking, security and semiconductors industries. His background includes roles with Ixia, Freescale and AMD, among other technology companies. At AlienVault, Don enjoys developing technical resources to help customers understand how to best leverage the AlienVault platform to solve their security challenges.

Ann Sun

Ann Sun is director of product marketing for NETSCOUT'S Packet Flow Switch Business Unit. Her responsibilities include the portfolio of packet flow switches and taps solutions, with a focus on security solutions and partnerships. Prior to joining NETSCOUT, Ann headed marketing for VSS Monitoring, and held several different leadership roles at Cisco. She has been involved in various security solutions--802.1X security when she led marketing in the Wireless Networking Business Unit at Cisco, firewalls in the early days of Cisco's Security Business Unit, and physical security systems.

Ismael Valenzuela

Ismael Valenzuela, incident response/digital forensics practice manager at Intel Security (Foundstone Services), has spearheaded international IR projects since founding an IT security consultancy in Spain in 2000. He leads the delivery of security operations center (SOC), cyber incident response, digital forensics and threat research services for public and private corporations. Previously, Ismael was Global IT Security Manager for iSOFT Group, a provider of healthcare IT solutions. Author of articles for Hakin9, INSECURE Magazine and the SANS Forensics Blog, Ismael also serves on the GIAC Advisory Board, holds a GSE certification and instructs in the SANS Digital Forensics and Cyberdefense tracks.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.