Special Offer w/ OnDemand: Get an iPad (32 G), Galaxy Tab A, or Take $250 Off OnDemand Training thru Jan 27


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

How Security Analysts Master Incident Response with Behavioral Analytics

  • Friday, October 21, 2016 at 1:00 PM EDT (2016-10-21 17:00:00 UTC)
  • Orion Cassetto, Andy Skrei


  • Exabeam

You can now attend the webcast using your mobile device!



Security analysts face more obstacles in their day-to-day operations than most realize. Detecting sophisticated attacks that involve lateral movement is difficult and time-consuming. However, analysts spend even more time on mundane tasks such as assembling incident timelines, determining how to pivot through data, username to IP attribution, and even simply finding the asset owners.

This webinar will explore how machine learning, behavioral modeling, and statistical analysis--the pillars of User and Entity Behavior Analytics (UEBA) solutions--can be used to improve SOC efficiency and automate the crucial tasks analysts routinely face.

Attend this webinar and learn:

  • How to quickly identify lateral movement with behavioral modeling
  • How machine learning and statistical analysis can provide valuable context for investigation
  • How incident investigation can be accelerated with session-based user activity timelines
  • How to increase analyst resources for proactive security measures such as threat hunting

Speaker Bios

Orion Cassetto

Orion Cassetto, Sr. Product Marketing Manager at Exabeam, has nearly a decade of experience marketing cybersecurity and web application security products. Prior to Exabeam, Orion worked for other notable security vendors including Imperva, Incapsula, Distil Networks, and Armorize Technologies. He is a security enthusiast and frequent speaker at conferences and tradeshows, with recent speaking engagements including SXSW interactive, Joomla World Conference, and Phocuswright.

Andy Skrei

Andy Skrei, a Solutions Architect at Exabeam, previously worked as a Lead Security Engineer at eBay developing and deploying technologies for their global SOC. Prior to eBay he was a manager at KPMG, helping some of the largest organizations in the world increase security maturity and reduce risk. Andy has a unique view on UBA starting as a customer, to now deploying it worldwide at organizations both large and small.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.