Thursday, October 10 • 1:00pm - 5:00pm
TH-3011 Passive DNS & pBGP in Depth Lab


Passive DNS in Depth
Passive DNS (pDNS) data is a treasure trove of information for security teams, intelligence teams, network operations teams, and security research teams alike. By keeping a historical record of DNS results over time, this data empowers many different teams to enrich and produce intelligence information for a variety of purposes. Merger and acquisition teams can look for internet-facing, and sometimes internal, IT resources that may not have been declared. Blue teams can monitor for misconfiguration of DNS, research malware, develop threat signatures, and in many cases monitor for shadow IT. Red teams can use this information to exploit DNS misconfigurations, find additional assets, and pattern match target IT infrastructure. Security researchers are limited only by their imagination and time.
Passive BGP (pBGP) data can enable network operations teams to quickly spot problems. pBGP data is also useful to help determine if problems were a result of a simple misconfiguration or a part of a more nefarious operation.
Understanding the architecture and methodology of pDNS and pBGP is critical to end users of this data. By having a deeper understanding of the architecture (collection, storage, and query methodologies), individuals and teams will be better able to fully capitalize on the enrichment and context-building capabilities of the data. In addition to architecture, this course will cover a variety of scenarios for organizations of all sizes and maturity to help enable the use and integration of pDNS and pBGP data as a part of security and network operations.

Donald Mac McCarthy

Director of Field Operations, Open Source Context
Mac is a 17-year veteran of the IT industry. He has experience working for organizations ranging in size from 10 to 200,000+ employees. Mac has been involved in information security for the past 9 years with organizations in the academic, healthcare and financial, and public sectors...

Thursday October 10, 2019 1:00pm - 5:00pm CDT
CROCKETT 4-D ICS SCADA HAVEN 600 E Market St, San Antonio, TX Floor 4
