Proactively Deter Threats with IP Hotlist
Introducing IP Hotlist
There is a game afoot between defenders and attackers, a live-action Spy vs. Spy, retrofitted with more hoodies of course. Aside from our primary enemy, malicious actors, our second greatest nemesis is a lethal combination of Father Time and an influx of alerts, which makes it challenging to limit damage to our organizations. From a network defense perspective, a substantial area of risk involves traffic from the protected environment to threat-actor-controlled assets. These connections enable malware downloads, command and control, data exfiltration, espionage and so on. Compounding this challenge, when it comes to visibility and situational awareness, many log and event sources provide only IP addresses (as opposed to domains) as the traffic destination in their records.
To that end, we are excited to introduce our IP Hotlist, which provides SOC and threat intelligence personnel with context around IPs to assess the risk associated with an event. Join Pat McGarry, Chief Technology Officer at Bandura Cyber, and Dan Fernandez, Senior Product Manager at DomainTools, to learn how the DomainTools IP Hotlist empowers network defenders and threat analysts across organizations to proactively deter threats to their networks or gain better insights on IP addresses that appear in alerts.
This webinar will include:
- A deep dive into the components that make up IP Hotlist
- Insight into Bandura Cyber’s process for evaluating threat intelligence lists and feeds
- Real world examples of IP Hotlist in action