Behavioral Analysis from DNS and Network Traffic

Presented at BSidesLV 2017, July 25, 2017, 6 p.m. (55 minutes).

Using behavioral analysis, it's possible to observe and create a baseline of average behavior on a network, enabling intelligent notification of anomalous activity. This talk will demonstrate methods of performing this activity in multiple environments. Attendees will learn new methods which they can apply to further monitor and secure their networks.


Presenters:

  • Josh Pyorre - Security Analyst - Cisco Umbrella (formerly OpenDNS)
    I've been in security for about 20 years, starting as a field service engineer, moving on to sysadmin and running my own consulting company. I then worked at NASA as their first analyst for their new SOC. After a few years, I went to work for Mandiant to help them build their SOC, then I returned to NASA as a threat analyst. I left NASA 2 years ago for OpenDNS, which was acquired by Cisco shortly after. I spend my time analyzing domains, DNS logs, malware, IPs and tons of other fun stuff. Computer and data security is my passion and I find great joy in helping keep 'The Cybers' as secure as possible. I also hosted and wrote music for the first season of rootaccesspodcast.com. Other things I love: camping, cats, riding motorcycles, travel, eating delicious and weird things, Krav Maga and making dark electronic music. Find me on Twitter: @joshpyorre
