Join us for the FREE Cyber Defense Forum | Live Online on October 9


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Zero-Day Defense: The Power of Actionable Threat Intelligence and Continuous Endpoint Data Collection

  • Wednesday, June 24, 2015 at 3:00 PM EDT (2015-06-24 19:00:00 UTC)
  • Brent Midwood, Stephen Newman


  • Carbon Black

You can now attend the webcast using your mobile device!



Threat intelligence is only as good as you can apply it within your environment. Traditional prevention solutions cannot adapt as fast as new attack techniques are developed and deployed. Enterprises need mechanisms to apply quality threat intelligence, in real time, to discover hidden, advanced threats, before damage is done. Improving how your incident team responds also requires a deep understanding of the threat and its impact. Join Brent Midwood, Technical Product Manager at Bit9 + Carbon Black, and Stephen Newman, VP of Product and Strategy at Damballa, to learn about:

  • The evolving threat landscape and existing security challenges
  • How to discover advanced malware infections, with certainty, regardless of source, entry vector, or operating system
  • Leveraging continuous endpoint recording for complete historical analysis and immediate root-cause investigations for rapid attack recovery

Speaker Bios

Stephen Newman

Stephen Newman brings over 17 years of product management leadership to Damballa. He has designed products and product strategies for leading, innovative technologies throughout his career. Since joining Damballa in 2009, his team has successfully built upon the company's 16 patented/patent-pending innovations to create advanced threat detection solutions that harness big data science. Specific contributions include the creation of contextual-based detection engines; the Case Analyzer, an intelligence platform that makes automatic decisions about the status of infected devices; and Risk Profilers, which prioritize compromised assets so incident responders can take immediate action on incidents. Today, Damballa's enterprise and ISP solutions are the industry's most mature and sophisticated, protecting more than half a billion devices globally.

Prior to joining Damballa, Stephen developed a range of security products for companies like EarthLink, MegaPath, Secure Computing, and McAfee. Stephen is a frequent speaker at industry conferences and unique user groups, including the Federal Reserve Bank and the US Embassy in Canada. His passion is to jointly whiteboard with prospects and customers to attack challenges and find solutions. Stephen holds a Master's Degree in Electrical Engineering from Georgia Tech and a Bachelor's Degree in Electrical Engineering from Johns Hopkins University.

Brent Midwood

Brent Midwood drives the product vision and execution of Bit9 + Carbon Black's Threat Intelligence Cloud, which makes tactical and strategic threat intelligence instantly actionable inside the Bit9 + Carbon Black endpoint security solutions. Brent has spent the majority of his career as an engineer working in the Federal Government as both a contractor and civilian employee within the Intelligence Community, Department of Defense, and Department of Transportation. A hands-on technical communicator with over 15 years of experience in the information security domain, he has designed and managed projects focusing on endpoint and network defensive operations, secure application development, malware analysis, surveillance systems, and information assurance projects. Prior to joining Bit9 + Carbon Black, Brent also spent time working at various private and public companies, including Microsoft, Imprivata, and Entropic. Brent holds a Bachelor of Science degree in Computer Science and Mathematics from the College of William & Mary, and has since studied at George Mason University, Boston University, and Worcester Polytechnic Institute.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.