Live, interactive cybersecurity training available through SANS Live Online. View upcoming events.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Threat Intelligence: What It Is, and How to Use It Effectively

  • Tuesday, September 20, 2016 at 1:00 PM EDT (2016-09-20 17:00:00 UTC)
  • Stephen Gates, Matt Bromiley



You can now attend the webcast using your mobile device!



Security practitioners are hearing more and more about threat intelligence (TI). But what exactly is it, and how can TI be effectively deployed as part of an organization's defenses against advanced malware and cyberattacks?

In this webcast, you will learn just what constitutes threat intelligence, the different kinds of TI and why companies are implementing it. Attendees will also learn how and when to integrate intelligence into their security posture, the role of this intelligence in incident response and when to use it to identify critical security events.

Join us to get a clearer understanding of this powerful tool and to learn how you can make the best use of it. And be the first to get the new associated SANS whitepaper on the topic of threat intelligence.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Stephen Gates

Stephen Gates is chief research intelligence analyst with NSFOCUS IBD. A recognized subject-matter expert on DDoS attack tools and methodologies, he has been instrumental in solving the DDoS problem for service providers, hosting providers and enterprises. He has more than 25 years of computer networking and security experience and an extensive background in the deployment and implementation of next-generation security solutions. He came to NSFOCUS from Corero Network Security, where he served as the chief security evangelist. He frequently provides insight, editorial, industry thought leadership and presentations on the latest security topics at RSA, SecureWorld, SANS, Black Hat, IANS, ISSA, InfraGard, ISACA, etc.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.