Awake Security

  • Crouching Miner, Hidden Exfil: The Saga Continues
    Troy Kent, Threat Researcher, Awake Security. Recorded: Jan 16 2019, 34 mins
    Everyone talks about alert fatigue and the unfortunate reality of overworked and undertrained analysts. What happens though when attackers start to focus on that reality as a point of failure? In this webinar, we will discuss how trivial this can be for an attacker. Using minimal time and open source tools, we will fly under the radar by taking advantage of analyst biases and assumptions. We'll specifically explore how we can edit an open source miner to make it fileless, and then use it for command and control and to exfiltrate data. We will then show how artificial intelligence and advanced network traffic analysis tools detect threats such as these and enable you to respond decisively.

    Key Learning Objectives include:

    - Discuss the not-so-obvious challenges alert fatigue poses

    - Illustrate with an example how attackers hide in plain sight

    - See how AI can help the analyst find and then respond to these attackers
  • (JA)3 Reasons to Rethink Your Encrypted Traffic Analysis Strategies
    Troy Kent, Awake Security & Dave Shackleford, SANS. Recorded: Jan 8 2019, 62 mins
    The network has a ground-truth property that is hard to replicate with other security data sources. So, for years the network has been a valuable source of insight that enabled effective detection and response. However, the network is becoming increasingly opaque as the definition of the network itself changes with cloud computing and as more of the data on the network is encrypted. This means security teams are losing visibility into this powerful data source, just as attackers use techniques like encryption to evade traditional detection methods. In this talk, we will cover one aspect of this challenge: encryption on the wire. With the specific use case of identifying and profiling applications behind the encryption, we will discuss the current state of the art when it comes to encrypted traffic analysis. The talk will highlight some of the shortcomings in current approaches including fingerprint libraries like JA3. We will also dive deep into some strategies that are effective, yet not noisy for the security team. Finally, we will provide guidance on the capabilities your security stack needs in order to shine light into encrypted traffic on the wire.
  • Remote Access Tools: The Hidden Threats Inside Your Network
    David Pearson, Principal Threat Researcher, Awake Security. Recorded: Dec 18 2018, 24 mins
    Many remote access tools are used legitimately and not considered malware. However, these tools actively bypass network controls, obscuring which parties are communicating, when, and how. This ability to fly under the radar is attractive to malicious insiders and outside attackers alike. This talk will discuss common techniques these tools use and how security teams can find and understand them.

    In this webinar you will:

    1) Gain an understanding of why remote access tools should be on your radar
    2) Learn common techniques used by remote access tools to bypass conventional detections
    3) Learn how to dissect remote access tools within Wireshark
    4) Discover information that is sometimes leaked by these programs
    5) Learn how to abstract out detection capabilities for this class of programs
  • Threat Prevention for Financial Services
    Elizabeth Duke, Dr. Hongwen Zhang (Wedge Networks), Michael Callahan (Awake Security), Matt Van Buskirk (Hummingbird). Recorded: Mar 14 2018, 62 mins
    Bank breaches, hacks, and advanced fraud cases are unfortunately becoming common news headlines. With criminals getting smarter and more of the world's wealth at risk, organisations need to constantly stay one step ahead.

    Join this panel where security experts will discuss:
    - Preventing both outside and insider threats
    - Using analytics and machine learning to prevent attacks before they hit
    - Protecting valuable customer data from malware and data breaches
    - The challenges with mobile banking and payment security
  • The Goldilocks Problem of AI in Security: How to Find the “Just Right” Use Cases
    Gary Golomb, Co-founder and Chief Research Officer, Awake Security. Recorded: Jan 17 2018, 49 mins
    Like many technologies, artificial intelligence (AI) and machine learning (ML) are "just right" for some types of problems, but are often oversold for others to which they are not well suited. This webinar will dive into the characteristics of problems that AI/ML can greatly help enterprise security teams solve, and contrast those against use cases where AI/ML is a much higher risk for those same resource-strapped teams. In those situations, the technology can actually worsen the skills deficit in the organization rather than improve it.

    Attending this webinar will give you a framework for evaluating AI/ML technologies, including:

    - When can AI/ML indeed replace people, and when is it better suited to assist people?
    - What types of threats is it best suited for?
    - How does AI/ML fit in with other methodologies, like security analytics, for threat detection?
    - How can AI/ML help with security investigations and incident response?
    - How can organizations evaluate vendor claims and ask them the right questions?
