Team Lead, Managed Threat Hunting
Current
Sep 2024 - Present
AeroLeads people directory · profile
Ryan Chapman Email & Phone Number
Threat Hunter | Host & Network Forensics | Malware Analysis | SANS Author (FOR528) & Instructor | CactusCon Crew | PluralSight Author
at
Palo Alto Networks
1 work email found
@cylance.com
4 phones found area 831, 602, and 631
LinkedIn matched
✓ Verified May 2026
4 data sources
Profile completeness 100%
Current company
Role
Threat Hunter | Host & Network Forensics | Malware Analysis | SANS Author (FOR528) & Instructor | CactusCon Crew | PluralSight Author
Location
Goodyear, Arizona, United States
Who is Ryan Chapman? Overview
A concise factual answer block for searchers comparing this professional profile.
Quick answer
Ryan Chapman is listed as Threat Hunter | Host & Network Forensics | Malware Analysis | SANS Author (FOR528) & Instructor | CactusCon Crew | PluralSight Author at Palo Alto Networks, based in Goodyear, Arizona, United States. AeroLeads shows a work email signal at cylance.com, phone signal with area code 831, 602, 631, and a matched LinkedIn profile for Ryan Chapman.
Ryan Chapman previously worked as Team Lead, Managed Threat Hunting at Palo Alto Networks and Principal Threat Hunter at Palo Alto Networks. Ryan Chapman holds Graduate, Information Assurance from Regis University.
Company email context
Email format at Palo Alto Networks
This section adds company-level context without repeating Ryan Chapman's masked contact details.
{first_initial}{last}@cylance.com
86% confidence
AeroLeads found 1 current-domain work email signal for Ryan Chapman. Compare company email patterns before reaching out.
Profile bio
About Ryan Chapman
I am an Information Security professional with over 20 years of experience in the IT realm, half of which have been in hands-on DFIR roles. I love working with people, sharing knowledge, and absorbing all that I can from others. I have a zest for learning, and I love the fact that the security industry is an ever-evolving creature. Nothing is stale, there is always something new to learn, and I absolutely love what I do. You can't ask for more than that!For the past few years I have had a core focus on ransomware. I've been hyper-focused so much that I ended up authoring a new SANS course on ransomware -- FOR528: Ransomware and Cyber Extortion (sans.org/for528). Though ransomware attacks are a scourge on our computing lives, I relish in the ability to dissect, understand, and protect against these threats.I also enjoy public speaking. I love to run my mouth, and having the opportunity to do so in front of like-minded professionals is a true joy of mine. I have presented at conferences including DefCon, SANS Summits, BSides (Las Vegas | San Francisco), CactusCon, Splunk.Conf, at various universities/clubs, and more. I love engaging with the security community so much that I work as a core staff member for CactusCon, Arizona's hacker/security conference. I served as the conference lead for two years (CC9/CC10) and now serve as the Sponsor/Community Liaison. The more I can help to connect people and foster learning in our realm, the better!You can find more information about me along with presentations, podcasts, articles/press, workshops, and more at my website: https://incidentresponse.training/
Listed skills include Security, Troubleshooting, Computer Security, Network Security, and 24 others.
Current workplace
Ryan Chapman's current company
Company context helps verify the profile and gives searchers a useful next step.
13 roles
Ryan Chapman work experience
A career timeline built from the work history available for this profile.
Principal Threat Hunter
Nov 2023 - Sep 2024
Principal Consultant, Incident Response
Nov 2022 - Nov 2023
Author & Instructor
CurrentAuthor of SANS FOR528: Ransomware for Incident Responders- See https://for528.com/courseInstructor for SANS FOR610: Reverse-Engineering Malware (Malware Analysis Tools and Techniques)- See https://for610.com/courseTeaching Schedule: https://www.sans.org/profiles/ryan-chapman/Co-chair for SANS Ransomware Summithttps://for528.com/summit23
Dec 2019 - Present
Conference Organizer
CurrentCactusCon Lead Organizer for CactusCon 9 & 10 (2021 & 2022)- Lead organizer. Served as project manager for conference and helped guide the actions of our core volunteers.Sponsor & Community Liaison for CactusCon 11 (upcoming, 2023)- Transitioned to working with potential sponsors and the community
Oct 2019 - Present
Author & Curriculum Development
CurrentAuthored several incident response courses and helped develop the incident response curriculum path/blueprint.
Dec 2016 - Present
Principal Incident Response & Forensics Consultant
As an IR consultant for BlackBerry Security Services, I run and work incidents on behalf of our clients. Our firm provides response, assessment, and training in the digital forensics and incident response (DFIR) realm. My primary case types involve digital forensics investigations (e.g. ransomware cases), compromise assessments, business email compromises.
Jul 2019 - Nov 2022
Senior Incident Response Analyst
- Lead and prioritize CIRT/SOC incident response endeavors- Participate in the Incident Commander rotation during declared incidents- Technical lead/escalation point for SOC- Quality control for SOC work- Technical training development and delivery for IR processes- Daily review of high-priority eventsExample project: SOC Baseline TrainingDeveloped and.
Sep 2017 - Jul 2019
Computer Incident Response Team Analyst
- Participate in Incident Commander (IC) rotation, facilitating a governing role to direct response initiative during declared incidents- Function as the CIRT/SOC liaison, serving as a technical lead for the SOC- Perform forensic examinations and cyber intelligence vetting- Research, analyze, and document APT-based tactics, techniques, and procedures.
Apr 2015 - Sep 2017
Security Operations Center Lead
- Team lead, responsible for two analysts in a 24x7 operating environment (as of December, 2013)- New hire trainer, responsible for training all new hire SOC analysts- Respond to security system alerts (Intrusion Detection System, Malware Runtime Environment, etc.)- Perform real-time monitoring and incident response: Triage, analyze, and remediate.
Aug 2012 - Apr 2015
Application Developer
2Wire / Pace Americas
- Developed and maintained Web-based applications for both internal and external partners- Developed, optimized, secured, and maintained application databases- Wrote and maintained applications written in PHP and SQL on a daily basis- Generated application functionality, risk, and disaster recovery documentation- Guaranteed software security by testing for.
Jan 2012 - Jul 2012
Technical Trainer
2Wire / Pace Americas
- Trained WAN, xDSL, VoIP, IPTV, and satellite infrastructure, design, and troubleshooting- Trained LAN (TCP/IP, DHCP, DNS, NAT) protocols; firewalls; routing; and the OSI model- Trained advanced 802.3 and 802.11 concepts, setup, and troubleshooting- Trained customer care techniques (e.g. "soft skills")(2Wire Inc. was purchased by Pace Americas in 2010)
Dec 2006 - Jan 2012
Owner / Consultant
Chapman Computer Repair
- Ran own consulting company in the Silicon Valley- Maintained clientele of single office/home office (SOHO) individuals/businesses- Maintained computer systems (Windows & Macintosh primarily)- Designed, implemented, and maintained wired and wireless networks
Aug 2001 - Jan 2005
2 education records
Ryan Chapman education
Graduate, Information Assurance
Regis University
Bs, Computer Networking W/Minor In E-Security
Regis University
FAQ
Frequently asked questions about Ryan Chapman
Quick answers generated from the profile data available on this page.
What company does Ryan Chapman work for?
Ryan Chapman works for Palo Alto Networks.
What is Ryan Chapman's role at Palo Alto Networks?
Ryan Chapman is listed as Threat Hunter | Host & Network Forensics | Malware Analysis | SANS Author (FOR528) & Instructor | CactusCon Crew | PluralSight Author at Palo Alto Networks.
What is Ryan Chapman's email address?
AeroLeads has found 1 work email signal at @cylance.com for Ryan Chapman at Palo Alto Networks.
What is Ryan Chapman's phone number?
AeroLeads has found 4 phone signal(s) with area code 831, 602, 631 for Ryan Chapman at Palo Alto Networks.
Where is Ryan Chapman based?
Ryan Chapman is based in Goodyear, Arizona, United States while working with Palo Alto Networks.
What companies has Ryan Chapman worked for?
Ryan Chapman has worked for Palo Alto Networks, Sans Institute, Cactuscon, Pluralsight, and Cylance Inc..
How can I contact Ryan Chapman?
You can use AeroLeads to view verified contact signals for Ryan Chapman at Palo Alto Networks, including work email, phone, and LinkedIn data when available.
What schools did Ryan Chapman attend?
Ryan Chapman holds Graduate, Information Assurance from Regis University.
What skills is Ryan Chapman known for?
Ryan Chapman is listed with skills including Security, Troubleshooting, Computer Security, Network Security, Firewalls, Tcp/Ip, Information Security, and Dns.
Find 750M verified contacts
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trial