Last day to save $150 off Offensive Operations courses during SANS Pen Test & Offensive Training 2021!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Incident Response: Give Me Data or Give Me Death!

  • Friday, April 27, 2018 at 1:00 PM EDT (2018-04-27 17:00:00 UTC)
  • Gary Harrison, Nick Schroeder


  • Rapid7 Inc.

You can now attend the webcast using your mobile device!



Incident response is nothing new. Were all familiar with it and were exposed to it more and more everyday as attacks get bigger and more sophisticated. Having the right data to walk the attack backwards and be able to identify and document what happened is critical. In this session, an overview of incident detection fundamentals, the incident response process, and common questions that need to be answered during an incident, such as where we can find critical and incident-relevant data, will be addressed.

Speaker Bios

Nick Schroeder

Nick has been working in security and technology for a little over 10 years. First starting as a systems administrator, he was responsible for managing client networks and large scale server farms. Nick came to Rapid7 from Mandiant where he†worked and responded to some of the largest breaches in the world and provided expertise to a wide variety of audiences in multiple industry verticles. Prior to specializing in incident response and forensics, Nick worked as a pentester in the federal space. Most recently, Nick has shifted to a more hunt based and strategic security role.

Gary Harrison

Gary Harrison is an information security consultant and enthusiast with eight years of experience working as an information security engineer, analyst, and leader. Gary has supported cybersecurity efforts in both the private and public sector as a consultant and employee. He has been responsible for a variety of initiatives ranging from supporting a Fortune 100 clientís efforts to build a cyber threat intelligence team to leading the technical design, implementation, and operation of a global companyís information security program. Gary holds a GIAC Continuous Monitoring (GMON) Certification and a Bachelorís degree in Computer Networks and Security from University of Maryland University College.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.