DNS Security Workshop
How do Cybercriminals use DNS to steal Data?
presented by Infoblox Senior Systems Engineer Geriet Wendler
The Domain Name System (DNS) plays a critical role in modern network connectivity. Unfortunately, it is also a central part of many cyberattacks. DNS is involved in more than 90% of malware and nearly half of all ransomware and data exfiltration incidents.
Join us for this special, cost-free, DNS Security training as we examine the many ways cybercriminals exploit the unique properties of DNS.
Geneva: 28th of January 2020 - 08h15-11h30 (Hotel Mandarin Oriental)
Lausanne: 29th of January 2020 - 08h15-11h30 ( Hotel Alpha Palmiers)
Attend this session and discover:
- The various phases in the intrusion kill chain and how DNS is used in each phase
- The technical mechanisms behind DNS as command and control (C&C) channel, data exfiltration, reconnaissance, protocol anomalies, exploits, hijacking, DGA and more
- How DNS-based attacks actually work - Through real word examples, including malware, phishing campaigns, and advances persistent threats (APTs)
Who should attend?
Cybersecurity professionals responsible for protecting their networks from the broad range of cyberthreats.
- DNS in intrusion kill chain
- DNS as a covert communication channel - data exfiltration, C2 communication over DNS - live demo
- DNS tunneling, data exfiltration - detection via inline query analytics
- DGA - Domain Generation Algorithm and Dictionary DGA detection
- Lookalike domains and IDN homographs
- DNS Firewall
- Threat intelligence feeds for DNS
- Fresh domains as a way to overcome reputation-based solutions
- Threat intel data sharing with other security systems
- Security operations tools for domains and IP addresses investigation - live demo
- Mobile users security
- DNS security systems intefration with sandboxes, NACs, vulnerability scanners, endpoint protections systems, SIEMs and others
- IP Address database as a support for security investigation and mitigation
- Public DNS protection
- Domain hijacking as a way to break a few layers of security
28th of January in Hotel Mandarin Oriental, Quai turretini 1, 1201 Geneva
29th of January in Hotel Alpha Palmiers, Rue du petit chêne 34, 1003 Lausanne
8h15-8h30: Welcome participants
08h30-11h30: Breakfast and Security Workshop
11h30: End of the workshop
*exact place will be communicated later.