Behavioral Analysis from DNS and Network Traffic

Presented at BSidesLV 2017, July 25, 2017, 6 p.m. (55 minutes)

Using behavioral analysis, it's possible to observe and create a baseline of average behavior on a network, enabling intelligent notification of anomalous activity. This talk will demonstrate methods of performing this activity in multiple environments. Attendees will learn new methods which they can apply to further monitor and secure their networks.

Presenters:

• Josh Pyorre - Security Analyst - Cisco Umbrella (formerly OpenDNS)
  I've been in security for about 20 years, starting as a field service engineer, moving on to sysadmin and running my own consulting company. I then worked at NASA as their first analyst for their new SOC. After a few years, I went to work for Mandiant to help them build their SOC, then I returned to NASA as a threat analyst. I left NASA 2 years ago for OpenDNS, which was acquired by Cisco shortly after. I spend my time analyzing domains, DNS logs, malware, IP's and tons of other fun stuff. Computer and data security is my passion and I find great joy in helping keep 'The Cybers' as secure as possible. I also hosted and wrote music for the first season of rootaccesspodcast.com. Other things I love: camping, cats, riding motorcycles, travel, eating delicious and weird things, krav maga and making dark electronic music. Find me on twitter: @joshpyorre

Links:

• https://bsideslv2017.sched.com/event/BNGs/behavioral-analysis-from-dns-and-network-traffic
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/Behavioral Analysis from DNS and Network Traf.mp4
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/Behavioral Analysis from DNS and Network Traf.eng.srt (subtitles)
• https://www.youtube.com/watch?v=hijd5bUABDs

Similar Presentations:

• DeepSec 2016 „Ten“ / Behavioral Analysis from DNS and Network Traffic