Interactive Courses + DFIR NetWars Available During SANS Cyber Security Central in June. Save $300 thru 5/12.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The Need for Speed: Integrated Threat Response

  • Wednesday, September 12, 2018 at 1:00 PM EDT (2018-09-12 17:00:00 UTC)
  • Matt Bromiley, Allan Thomson


  • Lookingglass Cyber Solutions, Inc.

You can now attend the webcast using your mobile device!



It's 2018 - why are we still manually blocking firewall ports, manually ingesting threat feeds, and manually implementing blocks from well-known, trusted sources? Automation and integration allows security professionals to keep up with the pace of today's threat landscape. The two go hand in hand but are they right for every organization?

This webcast explores the pros and cons of automation and integration, focusing on what an organization needs to consider before implementing such an approach. Most important, the webcast and associated white paper will help answer these key questions:

  • What would it take to manually do what automation does?
  • How can I protect my assets?
  • How do I get actionable threat intelligence?

Register now for this webcast, and be among the first to receive the associated whitepaper written by SANS instructor and cloud expert Matt Bromiley.

View the associated whitepaper here.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Allan Thomson

As Lookingglass Chief Technology Officer, Allan Thomson brings more than three decades of experience in technology areas such as networking and distributed IT. Prior to Lookingglass, Allan most recently served as Principal Engineer at Cisco Systems, Inc., where he led the software architecture and design of the company’s Cyber Threat Defense System and Platform Exchange Grid. He was responsible for overall systems management and security telemetry collection/aggregation, as well as distributed threat analysis/intelligence services in multi-tenant public and private cloud deployments. Prior to joining Cisco, Allan oversaw the technology growth initiatives of several start-up companies, including Airespace, where he was a Software Architect responsible for the design, development and network management/location tracking of the company’s wireless local area network (WLAN) system. Airespace was acquired in 2005 by Cisco, and Allan joined Cisco following the acquisition.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.