Phil Hagen

Phil engages with the Digital Forensic and Incident Response (DFIR) community to ensure Red Canary’s endpoint security solution fits into DFIR processes at organizations of all sizes. Phil is a SANS Senior Instructor and course lead for SANS FOR572: Advanced Network Forensics. He has also held several previous positions at ManTech CFIA and worked as a communications officer in the US Air Force. He lives in coastal Delaware with his amazing wife and two kids, where he enjoys the local craft beer scene and is often found riding a OneWheel wherever he can.

By This Author

July 25, 2019

Opinions & insights

Building security from the ground up as a team of one

Webinars| MITRE ATT&CK

ATT&CK Deep Dive: Persistence

Webinars| MITRE ATT&CK

ATT&CK Deep Dive: Defense Evasion

Webinars| MITRE ATT&CK

ATT&CK Deep Dive: Lateral Movement

Webinars| Threat hunting

How to Use the ATT&CK Framework to Mature Your Threat Hunting Program

March 26, 2018

Security operations

Building a Winning Security Team: Practical Tips on Training and Team Development

August 29, 2017

Opinions & insights

Why the Philosophy of Continuous Monitoring Is Powerful

August 10, 2017

Opinions & insights

Common Security Mistake #3: Aimless Use of Threat Intelligence

Digital Forensic and Incident Response Strategist

Phil Hagen

By This Author

See what it's like to have a partner in the fight.

Experience the difference between a sense of security and actual security.