SANS Open-Source Intelligence (OSINT) Summit & Training offers immersive cyber security courses and a free Summit!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Be Ready for a Breach with Intelligent Response

  • Thursday, November 06, 2014 at 1:00 PM EST (2014-11-06 18:00:00 UTC)
  • Ofir Arkin, James Tarala


  • Mcafee LLC

You can now attend the webcast using your mobile device!



Breaches of corporate data have become commonplace and organizations are no longer in a position to ignore the need for incident response. Well-trained, experienced staff will continue to play a crucial role well into the future. But with the skills gap facing the industry in this area, the speed of network attacks, and the volume of data that must be processed on a daily basis, organizations more and more are relying on automated capabilities as a part of their toolkit. In this whitepaper, based on three surveys (SANS Incident Response Survey, SANS Critical Security Controls Survey, and the SANS Analytics and Intelligence Survey), we will examine the mechanisms available to automate incident response efforts to assist organizations with their incident handling efforts. In addition, we will discuss how to take advantage of what automation you have available and provide trends and advice where possible.

Join this webcast, featuring SANS CSC course author and instructor James Tarala. Key topics of discussion will be:

  • Changing your attack sensitivity and optics to see the complete picture
  • How to get more secure as a result of each investigation
  • How to "think like an analyst" with automated processes
  • Understanding which tools matter most, first, and against different workflows

Register today to be among the first to receive the associated whitepaper.

View the associated whitepaper.

Speaker Bios

James Tarala

James Tarala is a principal consultant with Enclave Security, based in Venice, Florida. He is a regular speaker and senior instructor with the SANS Institute, specializing in the implementation of the Critical Security Controls. He is also a courseware author and editor for many SANS auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, email, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often performs independent security audits and assists internal audit groups in developing their internal audit programs.

Ofir Arkin

Ofir Arkin is the VP and Chief Architect for the Intel Security, driving vision and product strategy. Joining Intel Security with the Insightix acquisition, Arkin has been leading cross-functional teams on the strategy and execution of the Data Exchange Layer and the Security Connected Framework, leading to the upcoming release of McAfee Threat Intelligence Exchange, the first technology fully leveraging DXL. Prior to Intel Security, Arkin founded Insightix, an innovator of real-time security intelligence and control solutions. Arkin was responsible for developing the company's core technology while providing critical direction and strategic leadership. Arkin is the author of numerous research papers, patents, patent applications, advisories and influential articles covering information warfare, network visibility, access control, VoIP security and remote OS fingerprinting.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.