Presented at
BSidesSF 2017,
Feb. 12, 2017, 3:30 p.m.
(30 minutes)
Have you ever had to look up an IP address, domain name, or URL to decide if it is a threat, and if it is targeting you?, Do you ever need to analyze what what malicious action it just took on your potentially-compromised users? If yes - this session is for you!
It's time to move beyond simple Whois & PDNS lookups, and noisy threat feeds. Learn how to combine SSL cert facet data with tracking IDs like Google Analytics, ad-trackers, performance management trackers; host-pair relationships; technology stack fingerprints; detect, verify, and stop your adversaries' next attacks.
Presenters:
-
Steve Ginty
-
Arian J Evans
- VP Product Strategy - RiskIQ
Arian Evans is an 18-year #infosec veteran. As VP of Product Strategy Arian guides RIskIQ technology to enable enterprises to manage their attack surface & detect external threats.
Prior to RiskIQ Arian spent 8 years at WhiteHat Security as VP of Ops & Product Strategy, building WhiteHat's Threat Research Center and service delivery testing over 40,000 applications. Career work includes Appsec Lead for FishNet Security; IPO @USCentral; engineering at financial services organizations; frequent speaker at industry conferences including BlackHat, Derbycon, OWASP, & RSA; dropping 0days in widely-deployed products from Cisco, Microsoft, Nokia, etc. & #DFIR for global organizations & TLAs.
Links:
Similar Presentations: