The Best Online Cybersecurity Training in the World - SANS OnDemand



Opening the Floodgates: How to Analyze 30+ TB of Endpoint Data Without Drowning Your Security Team

  • Monday, March 19th, 2018 at 1:00 PM EST (17:00:00 UTC)
  • Brian Beyer
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • RedCanary



Most security teams are flooded with alerts from endpoint security products. Not only are 95% of alerts not investigated due to time and resource constraints, but the most worrisome threats bypass prevention tools altogether.


Brian Beyer, co-founder and CEO of Red Canary, reveals how his organization built a massive data processing system to collect all endpoint activity and investigate magnitudes more potential threats.


This technical deep dive will cover:

  • Why it's crucial to meet attackers where they are, at the endpoint, and collect all endpoint activity
  • How Red Canary identifies malicious activity by applying data standardization, threat intelligence, behavioral analysis, and other techniques to feed a hunting and response team
  • How to use suppression as a secret weapon to enable a small team to process massive amounts of data daily
  • Layering crucial applications like threat intelligence and incident response on top of the architecture to quickly stop attacks
  • Firsthand insights from a team that conducts investigations into a half dozen breaches per week

Speaker Bio

Brian Beyer

Brian Beyer leads Red Canary to bring world-class threat detection and response to every business. Prior to co-founding Red Canary, Brian incubated cybersecurity products at Kyrus, where he specialized in building and delivering innovative solutions to solve unique cybersecurity challenges. Brian innovated big data processing solutions for the intelligence community at Northrop Grumman, one of the world’s largest defense contractors, and began his career in cybersecurity in ManTech’s Computer Forensics & Intrusion Analysis group.


About Red Canary

Red Canary is the leader in continuous threat hunting and response. Founded by a team of cybersecurity and big data processing experts, Red Canary brings together leaders in security operations, threat hunting, and massive scale data processing to enable a dramatic leap forward in customers’ security maturity. Headquartered in Denver, Red Canary empowers the best security teams around the globe to stop breaches. To learn more visit
