Interactive Courses + DFIR NetWars Available During SANS Cyber Security Central in June. Save $300 thru 5/12.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

All for One, One for All: Bringing Data Together with Devo

  • Wednesday, August 19, 2020 at 12:00 PM EDT (2020-08-19 16:00:00 UTC)
  • Matt Bromiley, Fred Wilmot


  • Devo Technology Inc.

You can now attend the webcast using your mobile device!



Security analysts need to be empowered to put their data to use instead of drowning in it. The process of collecting and correlating multiple disparate datasets is no easy feat and needlessly distracts analysts from the business of investigating incidents and protecting the organization. Analysts shouldn't spend more time parsing data than they do analyzing it.

It's time for a change. One tool that enables analysts to combat the analysis paralysis they face is Devo Security Operations, a solution built on top of the highly integrated Devo Data Analytics Platform.

In this webcast, SANS instructor Matt Bromiley reviews Security Operations as an intuitive solution that empowers analysts to put their data to use. Bromiley shares his experiences using Security Operations as a tool that:

  • Enables analysts to quickly and accurately gain enterprise-wide insight into threats
  • Enhances alert triage by providing context and automatic enrichment of data in a way that aligns with the natural analyst workflow
  • Serves up useful, actionable context about alerts and investigations without requiring analysts to acquire files for analysis or perform manual data enrichment
  • Integrates into analysis and response workflows, with at least 400 days of hot data and instant access to context

Register today to be among the first to receive the associated whitepaper written by Matt Bromiley.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Fred Wilmot

Fred Wilmot is Devo Chief Information Security Officer and Head of Security Products & Engineering. For the past 20 years, Fred has led and built product, engineering, support, pre-sales and services teams in the security industry. He previously built security operations centers for federal, civilian and foreign organizations as the founder of Splunk's security practice, professional services offerings, and product research and innovation. He has worked on site during breach response and remediation at many major breaches. Fred firmly believes in lowering the security skills poverty line by democratizing security operations, analytics, digital forensics and incident response, and has spoken at conferences around the world in support of the cause. He attended the U.S. Naval Academy and Florida State University.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.