Last day to get an iPad Air w/ Smart Keyboard or Pixel 4a Smartphone with 5-6 day course registration! View details.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Ready to Replace AV? Criteria to Evaluate NGAV Solutions

  • Thursday, November 03, 2016 at 1:00 PM EDT (2016-11-03 17:00:00 UTC)
  • Neil Boland, Greg Notch, Barbara Filkins, J. Michael Butler


  • Carbon Black

You can now attend the webcast using your mobile device!



*** Webcast registrants that register between 11/15/16 and 11/30/16 will be entered in a drawing for a complementary SANS Training Course of your choice sponsored by Carbon Black.*** (Travel & hotel expenses not included)

Traditional AV, while it will always be part of the infrastructure, no longer works. It cannot stop "next-generation" attacks, such as ransomware and advanced phishing. "Next-generation" attacks require next-generation antivirus (NGAV), which can stop more attacks, see more threats and close more security gaps than traditional AV. For example, next-gen AV should improve detection, prevent and block attacks, and reduce overhead and false positives through intelligence, behavior and pattern matching, rather than just relying on signatures.

In this webinar, youll hear from Neil Boland, Chief Information Security officer at Major League Baseball, as well as Greg Notch, SVP, Information Technology & Security at National Hockey League, security pioneers who are upgrading to NGAV and want to share their experiences.

In addition, SANS will share the criteria they have developed to evaluate the many tools now flooding the market claiming to be next-generation tools. This webcast will dive into the technology behind NGAV and provide specific guidance on how to assess NGAV's efficacy and role in your environment. In this webcast attendees will learn:

  • Best practices from security executives at MLB and NHL
  • What distinguishes NGAV from traditional AV
  • The technology behind NGAV that works to stop modern threats
  • How to effectively evaluate products against current and future threat types

View an associated Next-Gen AV Evaluator's Guide developed by SANS Analyst Program research director Barbara Filkins (with advice from SANS Analyst J. Michael Butler) here:

Speaker Bios

Neil Boland

Neil Boland is Major League Baseball’s Chief Information Security Officer, responsible for the league’s cyber defense strategy, operations and incident response capabilities. MLB’s cyber group is also responsible for digital investigations and forensics, with a focus on IP theft, counterfeiting, and piracy. Boland is a member of the Department of Homeland Security’s Science and Technology working group, exploring emerging technologies in the areas such as drone detection and interdiction, cyber countermeasures, and facial recognition. 

Greg Notch

Greg Notch, Senior Vice President of Information Technology and Security for the NHL, has been architecting and implementing large scale infrastructure and enterprise systems since 1995. For the past 8 years he has worked on defining top level technology and security strategy for the NHL. Currently he is developing and implementing a league-wide comprehensive information security program including policies, technology selection, auditing, and incident response capabilities. Prior to joining the NHL he has worked on infrastructure, security, and software systems for Apple, Yahoo Search, eMusic, and several other NYC based startups. Greg holds SANS GPEN, GCIH, and GAWN certifications and is an active member of the GIAC Advisory Board.

Barbara Filkins

Barbara Filkins, SANS Analyst Program Research Director, holds several SANS certifications, including the GSEC, GCIH, GCPM, GLEG and GICSP, the CISSP, and an MS in information security management from the SANS Technology Institute. She has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Barbara focuses on issues related to automation—privacy, identity theft and exposure to fraud, plus the legal aspects of enforcing information security in today’s mobile and cloud environments, particularly in the health and human services industry, with clients ranging from federal agencies to municipalities and commercial businesses.

J. Michael Butler

J. Michael Butler is a SANS analyst who has also written SANS security training courseware and audited certification test questions; presents thought-provoking webcasts; and writes position papers, articles and blogs. He is an information security consultant with a leading provider of technical services for the mortgage industry, where he is involved in migration of assets to the cloud. Mike's responsibilities have included computer forensics, incident response, enterprise security incident management planning, internal auditing of information systems and infrastructure, information security policies, service delivery and distributed systems support. He holds the GCFA, GCIH, CISA, GSEC and EnCE certifications.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.