It’s 2018 – why are we still manually blocking firewall ports, manually ingesting threat feeds, and manually implementing blocks from well-known, trusted sources? Automation and integration allows security professionals to keep up with the pace of today’s threat landscape. The two go hand in hand but are they right for every organization?
This webcast explores the pros and cons of automation and integration, focusing on what an organization needs to consider before implementing such an approach. Most important, the webcast and associated white paper will help answer these key questions:
- What would it take to manually do what automation does?
- How can I protect my assets?
- How do I get actionable threat intelligence?
Register now for this webcast, and be among the first to receive the associated whitepaper written by SANS instructor and cloud expert Matt Bromiley.
About the Speakers
Certified Instructor, SANS
Matt Bromiley is a SANS Certified Digital Forensics and Incident Response instructor, teaching Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508) and Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (FOR572), and a GIAC Advisory Board member. He is also a principal incident response consultant at a major incident response and forensic analysis company, combining experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.
Chief Technology Officer, LookingGlass Cyber Solutions
As Lookingglass Chief Technology Officer, Allan Thomson brings more than three decades of experience in technology areas such as networking and distributed IT. Prior to Lookingglass, Allan most recently served as Principal Engineer at Cisco Systems, Inc., where he led the software architecture and design of the company’s Cyber Threat Defense System and Platform Exchange Grid. He was responsible for overall systems management and security telemetry collection/aggregation, as well as distributed threat analysis/intelligence services in multi-tenant public and private cloud deployments. Prior to joining Cisco, Allan oversaw the technology growth initiatives of several start-up companies, including Airespace, where he was a Software Architect responsible for the design, development and network management/location tracking of the company’s wireless local area network (WLAN) system. Airespace was acquired in 2005 by Cisco, and Allan joined Cisco following the acquisition.