OnDemand Training - Best Special Offers of the Year Ending Soon - Learn More


To attend this webcast, login to your SANS Account or create your Account.

So Many Tools So Little Time: Optimizing Threat Intelligence Effectiveness for SOC Teams

  • Thursday, August 20, 2020 at 1:00 PM EDT (2020-08-20 17:00:00 UTC)
  • John Pescatore, Scott Dowsett


  • Anomali

You can now attend the webcast using your mobile device!



The events of 2020 have forced security teams to address the challenges of securing the exponentially huge work-from-home (WFH) workforce. This same group of unsure WFH employees is facing rapid growth in attacks targeting remote access and collaboration systems and being targeted with sophisticated phishing attacks. All this while the security operations team has to maintain productivity in a distributed, WFH environment.

There is no single piece of technology that solves these problems. Security Operations Center (SOC) teams are reacting to this new normal with many tools to address the increased demands and time challenges. Accurate and timely threat information can act as a key force multiplier for security teams with limited staff but the reality is that almost all organizations will use multiple tools from multiple sources. The key to effective use is the ability to integrate and assess the threat information rapidly to take timely action before the business or the customer is impacted.

Topics covered in this webcast will include:

  •  Collecting threat intel from your existing tools
  •  Identifying threat intel in the wild
  •  Leveraging OSINT tools
  •  Introduction of the Anomali Lens browser plugin

Learn how to optimize your SOC teams time while you navigate this high-pressure environment.

Get signed up!

Speaker Bios

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Scott Dowsett

Scott holds the position of VP of Worldwide Sales Engineering at Anomali. He has over 20 years of experience in the field of cybersecurity and computer networking. Previously, Scott worked as a Senior Pre-Sales Engineer at Intel Security supporting multiple regions specializing in WEB, DLP, SIEM, Firewall, IPS and Advanced Threat Detection products. Prior to joining Intel Security, Scott was a part of Nortel Networks and held various sales engineering roles in support of broadband, enterprise, and security products. Scott holds the Certified Information Systems Security Professional (CISSP) certification from the International Information System Security Certification Consortium as well as the Certified Information Systems Auditor (CISA) certification from the Information Systems Audit and Control Association. In addition, he is also certified in Risk and Compliance.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.