SANS Open-Source Intelligence (OSINT) Summit & Training offers immersive cyber security courses and a free Summit!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Moving up the Analytics Maturation Curve: Part 2 of the 3rd Annual SANS Security Analytics and Intelligence Survey

  • Thursday, November 12, 2015 at 1:00 PM EST (2015-11-12 18:00:00 UTC)
  • Josh Lincoln, Tim Helming, Dave Shackleford, Colby DeRodeff


  • AlienVault
  • DomainTools
  • LogRhythm
  • Lookingglass Cyber Solutions, Inc.
  • Anomali

You can now attend the webcast using your mobile device!



Can analytics scale to consume more types of data from more devices, applications and locations? Can analytics provide meaningful information that scales beyond the enterprise to the cloud, mobile devices and whatever comes after that?

Results from the SANS 2015 survey on security analytics and intelligence reveal a roadmap for the future use of analytics and how organizations can acquire meaningful information from analytics systems.

This webcast is presented in two parts. This webcast, Part 2 of the security analytics and intelligence survey series, will focus on:

  • Trends impacting investments and improvements in analytics/intelligence
  • Improvements that users of analytics systems need and why
  • What new sources of intelligence might need to be collected and analyzed in the future
  • How much security analytics will be automated and integrated
  • Keys to leveraging security analytics and intelligence tools
  • Where organizations plan to make future investments in analytics and intelligence

Part 1, held on Wednesday, November 11, 2015, focuses on the current level of maturity organizations have in their analytics systems and how much their capabilities have grown since 2014.

Join us for both webcasts and be among the first to receive the associated whitepaper written by Dave Shackleford.

View the associated analyst whitepaper here.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Tim Helming

Tim Helming, DomainTools director of product management, has over 15 years of experience in cybersecurity, from network to cloud to application attacks and defenses. At DomainTools, he applies this background to helping define and evangelize the company's growing portfolio of investigative and proactive defense offerings. At WatchGuard, he helped define and launch some of the best-selling SMB security appliances in the market. At Symform, he led definition and messaging efforts for that company's unique peer-to-peer cloud storage solution. Tim has spoken at security conferences, media events, and technology partner conferences worldwide.

Josh Lincoln

Josh Lincoln is the senior product manager of Cyber Analytics at SAS. Lincoln has 15 years of experience in cyberthreat intelligence, information operations and fraud operations. Prior to joining SAS in 2013, he served at Verisign as an intelligence analyst, Fusion Cell manager and, more recently, as senior product manager for its OSINT and TECHINT analytical processes and products. Lincoln is a co-author of the book Cyber Fraud: Tactics, Techniques and Procedures.

Colby DeRodeff

Colby DeRodeff is Chief Technology Officer at Mandiant Security Validation, formerly Verodin, where he is responsible for driving the company's technology strategy and supporting the rapid expansion of its Security Instrumentation Platform (SIP). Prior to joining Verodin, Colby co-founded the threat intelligence and analysis platform, Anomali where he led strategic initiatives, business development, and worldwide field operations. Additionally, Colby has held senior leadership positions with both Arcsight and Silver Tail Systems, where he played an instrumental role in the successful IPO of ArcSight as well as the acquisition of both companies by HP and RSA/EMC, respectively.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.