Interactive Courses + DFIR NetWars Available During SANS Cyber Security Central in June. Save $300 thru 5/12.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Unwind Your SIEM: Improved Threat Hunting and Detection with Chronicle

  • Thursday, April 30, 2020 at 3:30 PM EDT (2020-04-30 19:30:00 UTC)
  • Matt Bromiley, Ansh Patnaik, Dr. Anton Chavakin


  • Chronicle

You can now attend the webcast using your mobile device!



SOC operations are impaired by products that are ineffective in detecting and triaging modern threats and also carry a high TCO burden. Most of these products, including your legacy SIEM, were built to analyze terabytes rather than exabytes of telemetry. However, a new generation of security analytics solutions is emerging to solve exactly these problems, bringing together the scale, performance, economic model and analytical capabilities needed to protect against todays threats.

Join this webinar to hear the Google Cloud security team discuss with SANS moderator, Matt Bromiley, how the Chronicle global security analytics platform can improve your security teams ability to detect, hunt and investigate threats. Learn about YARA-L, a new specialized threat detection language for advanced threats, and watch a live demo of Chronicle in action.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Ansh Patnaik

Ansh Patnaik is responsible for product marketing at Chronicle. Previously, he was VP of Product Management at Oracle where he defined and launched their Security Analytics Cloud service. Ansh has held product management, marketing and sales engineering roles at several cybersecurity and data segment market leaders including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec).

Dr. Anton Chavakin

Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.