DNS Security Workshop

/ Événements

How do Cybercriminals use DNS to steal Data?

presented by Infoblox Senior Systems Engineer Geriet Wendler

 

The Domain Name System (DNS) plays a critical role in modern network connectivity. Unfortunately, it is also a central part of many cyberattacks. DNS is involved in more than 90% of malware and nearly half of all ransomware and data exfiltration incidents.

Join us for this special, cost-free, DNS Security training as we examine the many ways cybercriminals exploit the unique properties of DNS.

 

Geneva: 28th of January 2020 - 08h15-11h30 (Hotel Mandarin Oriental)

Lausanne: 29th of January 2020 - 08h15-11h30 ( Hotel Alpha Palmiers)

s'inscrire

 

DNS Security Workshop

 

Attend this session and discover:

  • The various phases in the intrusion kill chain and how DNS is used in each phase
  • The technical mechanisms behind DNS as command and control (C&C) channel, data exfiltration, reconnaissance, protocol anomalies, exploits, hijacking, DGA and more
  • How DNS-based attacks actually work - Through real word examples, including malware, phishing campaigns, and advances persistent threats (APTs)

Who should attend?

Cybersecurity professionals responsible for protecting their networks from the broad range of cyberthreats.

Agenda:

  1. DNS in intrusion kill chain
  2. DNS as a covert communication channel - data exfiltration, C2 communication over DNS - live demo
  3. DNS tunneling, data exfiltration - detection via inline query analytics
  4. DGA - Domain Generation Algorithm and Dictionary DGA detection
  5. Lookalike domains and IDN homographs
  6. DNS Firewall
  7. Threat intelligence feeds for DNS
  8. Fresh domains as a way to overcome reputation-based solutions
  9. Threat intel data sharing with other security systems
  10. Security operations tools for domains and IP addresses investigation - live demo
  11. Mobile users security
  12. DNS security systems intefration with sandboxes, NACs, vulnerability scanners, endpoint protections systems, SIEMs and others
  13. IP Address database as a support for security investigation and mitigation
  14. Public DNS protection
  15. Domain hijacking as a way to break a few layers of security


Event information:

28th of January in Hotel Mandarin Oriental, Quai turretini 1, 1201 Geneva

29th of January in Hotel Alpha Palmiers, Rue du petit chêne 34, 1003 Lausanne

8h15-8h30: Welcome participants

08h30-11h30: Breakfast and Security Workshop

11h30: End of the workshop

 


*exact place will be communicated later.