Digital Forensic and Incident Response Strategist

Phil Hagen

Phil engages with the Digital Forensic and Incident Response (DFIR) community to ensure Red Canary’s endpoint security solution fits into DFIR processes at organizations of all sizes. Phil is a SANS Senior Instructor and course lead for SANS FOR572: Advanced Network Forensics. He has also held several previous positions at ManTech CFIA and worked as a communications officer in the US Air Force. He lives in coastal Delaware with his amazing wife and two kids, where he enjoys the local craft beer scene and is often found riding a OneWheel wherever he can.
 
ATT&CK Deep Dive: Defense Evasion
 
ATT&CK Deep Dive: Lateral Movement
 
How to Use the ATT&CK Framework to Mature Your Threat Hunting Program
 
Building a Winning Security Team: Practical Tips on Training and Team Development
 
Why the Philosophy of Continuous Monitoring Is Powerful
 
Common Security Mistake #3: Aimless Use of Threat Intelligence
 
Common Security Mistake #2: Focusing on the Perimeter
 
You Will Be Phished. Three Ways to Mitigate Your Phishing Risk.