From the Front Lines: Practical Application of DNS Threat Intel Data
Security teams today are compelled to make fast and accurate decisions about which threats present the highest risk to their organization and how to defend against them. As attacks and attackers continue to evolve, security professionals have the opportunity to leverage breadcrumbs from DNS and domain data to craft an active defense.
In this webinar, Robert M. Lee of Dragos Security LLC provided a thorough analysis of BlackEnergy 2/3, while Tim Helming of DomainTools walked through why adversary analysis matters and how to triage indicators and assess threats.
In this webcast, we covered:
- How DNS intelligence exposed the attack infrastructure behind one of the most sophisticated ICS (Industrial Control Systems) malware families;
- Other examples of breaches and attack scenarios where domain profile information could have helped detect or prevent the attacks;
- Specific indicators of attack and potential compromise that can be found in DNS, both internally and externally;
- Ways to better defend against attacks and data exfiltration using DNS and large-scale threat intelligence.