Four Days Left to Get an iPad (32G), Galaxy Tab A, or $250 Off Online Training!


To attend this webcast, login to your SANS Account or create your Account.

Open Season on Cyberthreats: Part I- Threat Hunting 101

  • Thursday, April 14th, 2016 at 1:00 PM EDT (17:00:00 UTC)
  • Eric Cole, PhD, Ryan Cason, Mark Painter and Dana Torgersen
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Carbon Black
  • DomainTools
  • Endgame
  • HPE
  • Malwarebytes
  • Sqrrl Data, Inc.

You can now attend the webcast using your mobile device!


Expanding on the results of the 2015 SANS Incident Response Survey, the threat hunting survey explores the uses and benefits of threat hunting. Results of the survey will be presented in a two-part webcast.

In Part 1 of the webcast, attendees will gain insight into:

  • What threat hunting entails
  • What pitfalls stand in the way of attaining actionable results
  • What organizations are discovering through threat hunting

Part 2 of the webcast, held on Friday, April 15, 2016 at 1:00 p.m. Eastern, will focus on threat hunting methodologies and tools.

Be among the first to receive the associated whitepaper written by threat hunting expert and SANS Analyst Eric Cole.

View the assciated whitepaper here.

Speaker Bios

Eric Cole

Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.

Ryan Cason

Ryan Cason is a senior technical account manager that works with Bit9 + Carbon Black's IR/MSSP Partners. Ryan has more than 17 years of experience in all aspects of system, network and security engineering. Prior to Bit9 + Carbon Black, he was chief cyber security engineer for NJVC, a technology consulting firm that supported the intelligence community. Previously, Ryan was director of operations at Avaya Government Solutions for Scope EDGE with the US Air Force, providing Network Health Assessments. He is an active member of the Air National Guard and earned a bachelor's degree in information systems from McKendree University.

Mark Painter

Mark Painter currently serves as a security evangelist for HPE Security. In this role, he is responsible for educating customers, security professionals, executives and other groups about the risks of security vulnerabilities and HPE Security solutions. Over the course of his career, Mark has been involved with product management and marketing, vulnerability research, and security blogging. You can follow his writing and security activities via @secpainter.

Dana Torgersen

Dana Torgersen is a veteran product marketer who cut his teeth in network and data center security while at Secure Computing, McAfee, Palo Alto Networks, and security startup Illumio. He heads up Product Marketing for Malwarebytes, encouraging individuals and businesses to protect their endpoints against malware and exploit-based threats.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.