
This webcast has been archived. To view the webcast, log in to your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Opening the Floodgates: How to Analyze 30+ TB of Endpoint Data Without Drowning Your Security Team

  • Monday, March 19, 2018 at 1:00 PM EST (2018-03-19 17:00:00 UTC)
  • Brian Beyer
  • Red Canary



Most security teams are flooded with alerts from endpoint security products. Not only are 95% of alerts not investigated due to time and resource constraints, but the most worrisome threats bypass prevention tools altogether.


Brian Beyer, co-founder and CEO of Red Canary, reveals how his organization built a massive data processing system to collect all endpoint activity and investigate orders of magnitude more potential threats.


This technical deep dive will cover:

  • Why it's crucial to meet attackers where they are, at the endpoint, and collect all endpoint activity
  • How Red Canary identifies malicious activity by applying data standardization, threat intelligence, behavioral analysis, and other techniques to feed a hunting and response team
  • How to use suppression as a secret weapon to enable a small team to process massive amounts of data daily
  • Layering crucial applications like threat intelligence and incident response on top of the architecture to quickly stop attacks
  • Firsthand insights from a team that conducts investigations into a half dozen breaches per week

Speaker Bio

Brian Beyer

Brian Beyer leads Red Canary to bring world-class threat detection and response to every business. Prior to co-founding Red Canary, Brian incubated cybersecurity products at Kyrus, where he specialized in building and delivering innovative solutions to solve unique cybersecurity challenges. Brian innovated big data processing solutions for the intelligence community at Northrop Grumman, one of the world’s largest defense contractors, and began his career in cybersecurity in ManTech’s Computer Forensics & Intrusion Analysis group.


About Red Canary

Red Canary is the leader in continuous threat hunting and response. Founded by a team of cybersecurity and big data processing experts, Red Canary brings together leaders in security operations, threat hunting, and massive scale data processing to enable a dramatic leap forward in customers’ security maturity. Headquartered in Denver, Red Canary empowers the best security teams around the globe to stop breaches. To learn more visit
