Hi [[ session.user.profile.firstName ]]

Turbocharge your Cyber Investigations, Part 1

While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.

In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on Passive DNS, Whois and Malware data. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.
Recorded Oct 13 2016 32 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jeff Lenton, Solutions Architect, RiskIQ
Presentation preview: Turbocharge your Cyber Investigations, Part 1

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • SANS & RiskIQ – Putting Digital Threat Investigation & Response into Hyperdrive Recorded: Aug 24 2017 61 mins
    Dave Shackleford, SANS analyst and principal consultant, Voodoo Security and Beckie Neumann, RiskIQ
    Given the innovation and dynamics of web, social and mobile attacks targeting consumers and employees alike, progressive organizations are adopting machine learning and workflow orchestration to accelerate external exploit, adversary and exposure investigation and response. Beyond threat intelligence, where can security teams further automate, integrate and coordinate resources? Join SANS expert Dave Shackleford and Beckie Neumann, technical product manager at RiskIQ, as they share techniques and technology to empower security analysts and advance digital defenses.

    Through practical use cases and real-world examples, webinar attendees will explore how to:

    Apply predictive analytics to thwart threats
    Identify complex attack surface gaps
    Expedite external to internal event triage
    Construct workflows to take down external threats
    Integrate derived threat data with SOC and GRC tools
  • NoTrove: A Deep Dive into a Scam Empire Recorded: Aug 24 2017 37 mins
    Ian Cowger, Threat Researcher, RiskIQ
    Earlier this year, RiskIQ reported an eightfold increase in internet scam incidents, which deny the $83 billion digital advertising industry millions of dollars. Since then, we’ve identified a particularly prolific threat actor that’s built out wide swaths of infrastructure to deliver millions of scam ads, threatening consumers and undermining the digital advertising industry.

    Based on the RiskIQ report released in April, NoTrove: The Threat Actor Ruling a Scam Empire, report author and RiskIQ Threat Researcher Ian Cowger and Technical Marketing Manager Benjamin Powell will walk you through how “NoTrove,” a scam actor named after its URI pattern and penchant for denying victims “troves” of rewards, uses its scam empire and advanced automation techniques to stay ahead of detection and takedown efforts.

    Watch the Threatcast™ for a deep dive on:

    How scams are becoming a lucrative and increasingly popular method for threat actors and why they’re bad news for the digital advertising ecosystem
    What the different variants of NoTrove campaigns look like—software downloads, PUP redirections, and fake rewards downloads—and what the redirection sequence looks like when victims click and are redirected to unwanted places across the internet
    How NoTrove domains are able to command so much traffic, many shoot well up into the Alexa top 10,000
    How RiskIQ’s unique machine learning technology is able to detect scams, even as threat actor tactics evolve, to enable ad networks and publishers to block NoTrove infrastructure, even as it changes, evolves, and rotates
  • What you don’t know CAN hurt you. Are you GDPR PII compliant? Recorded: Jul 11 2017 46 mins
    Bob Tarzey, Quocirca analyst and director, Fabian Libeau, RiskIQ technical director
    With GDPR fast approaching, do you know everywhere you’re collecting PII?

    The EU General Data Protection Regulation (GDPR) includes new requirements and controls on the online processing of personally identifiable information (PII) and large fines if poor practice leads to short comings in processing controls or lead to a data breach. RiskIQ’s recent research into leading UK organisations shows that there is still much to be done to comply with the regulation.

    Join us for this webinar with Bob Tarzey, Quocirca analyst and director, and Fabian Libeau, RiskIQ EMEA Technical Director. Topics covered include:

    - What are the changes to online information processing introduced by GDPR and how do they differ from current data privacy legislation?
    - What are the common issues organisations face to comply?
    - How can RiskIQ help?
    - Case Study example
  • Digital Risk Management Maturity Model Recorded: May 3 2017 52 mins
    Nick Hayes, Sr. Analyst, Forrester and Sam Curcuruto, Sr. Product Manager, RiskIQ
    How mature is your organization’s digital risk management program?

    For many organizations, multichannel access to information, including web, mobile and social channels, presents new digital threats that are often overlooked. Join senior security analyst Nick Hayes of Forrester Research, co-author of The Forrester Wave™: Digital Risk Monitoring, to discuss digital risk monitoring and management.

    Watch this webinar presented by Slashdot Media and sponsored by RiskIQ to learn how to gain visibility into, detect, and respond to digital threats of all kinds. We will discuss:

    How digital risk threatens your organization
    The Digital Risk Maturity Model
    The requisite processes and resources necessary to formalize and fine-tune digital risk management
    Where to prioritize your investment in digital risk for maximum impact
  • How RiskIQ Host Pairs Confirmed the Lazarus Group Attack on Polish Banking Recorded: May 2 2017 28 mins
    Gary Paluch Sr. Sales Engineer RiskIQ and Sam Curcuruto Sr. Product Marketer RiskIQ
    In this webinar, we break down a recent string of attacks against Polish banking institutions, which share traits with the 2014 assault on Sony Corp linked to the Lazarus Group.

    The example we examine reveals how this attack on the Polish Financial Supervision Authority is part of a larger international hacking effort.

    We run a live investigation of the attack and discuss key learnings including how:

    Host Pair data sets were crucial to confirming relationships to the KNF site that hosted the malicious iframe that pointed at two malicious URLs
    RiskIQ virtual users provide an understanding of exactly what happens when a page is loaded, uncover stealthy attacks that happen behind the scenes, and speed up confirmation and mitigation of threats
    Security teams can prevent and proactively investigate website compromises like this
  • Roll of the Dice: The Dangers of Third Party Code on Your Websites Recorded: Mar 9 2017 31 mins
    Fabian Libeau, EMEA Technical Director, RiskIQ
    Third-party website resources and code play an integral role in the online economy. They enable interactive sites that allow people to transact with their banks; shop online, watch movies or television, share photos, videos, documents and much more. Unfortunately, these resources also represent exploitable infrastructure that sits outside the control of an organisation's IT security team. As a result third party web components have become fertile ground for launching attacks and distributing malware. Addressing this challenge requires looking at security from a new perspective.

    In this webinar we will explore the different kinds of third party code that organisations host on their sites along with their security implications. We’ll show how an outside-in approach to security can provide the controls organisations require while at the same time protecting their customers and employees.
  • Security in the Age of Social Media Recorded: Jan 26 2017 33 mins
    Jeff Lenton, Solutions Architect, RiskIQ
    Social Media has come of age. Collectively, social platforms have attracted two-thirds of the world’s internet users with more joining every day. This ubiquity has led many organisations to make social an integral part of their digital channels strategy, along with their web presence and mobile apps.

    For organisations engaging in social media, the importance of having an advanced social media strategy is more critical than ever.


    During the session you will learn:
    * The attack methods hackers use to exploit social media platforms and profiles.
    * Which weaknesses cyber criminals look for so you can protect your company’s social media reputation.
    * How to strengthen your security approach to combat social media threats.
    * The defense techniques an organization must employ to prevent social phishing attacks, brand impersonation, recruiting scams, customer service impersonations, malware attempts, RDC, and more.
  • Who's Minding the Store? Protecting your mobile apps in the app store ecosystem Recorded: Nov 24 2016 30 mins
    Terry Bishop, EMEA Solutions Architect, RiskIQ
    The size, complexity, and dynamic nature of the global app store ecosystem make it increasingly difficult for brands to monitor their mobile presence and protect their customers from fraud. Once published, mobile apps can rapidly proliferate from official stores throughout the app store ecosystem, spreading to new stores and web download locations without the developer’s knowledge or consent and increasing the threat of apps being exploited, attacked or copied.

    In this session we will:

    - Explore the complexities of the worldwide app store ecosystem
    - Examine year over year RiskIQ research on mobile apps owned by or leveraging the brands of top UK organisations.
    - Highlight recent examples of malware, app re-packaging, data leakage and intellectual property violations presented by fraudulent and unauthorized apps
    - Show you how you can regain control of your mobile apps and take a proactive stance against malicious and rogue apps, taking them down before they compromise your organisation or your customers
  • What’s in an email? Your Attacker’s Footprint for Starters Recorded: Nov 7 2016 54 mins
    Brandon Dixon, PassiveTotal Co-founder
    Every day, threat actors send hundreds of thousands of malicious emails across the Internet to the inboxes of their targets. Subjects range from ad campaigns soliciting views of a particular product to sophisticated attacks masked as friendly correspondence between colleagues. For security analysts, these emails offer an immense source of information—particularly infrastructure data.

    RiskIQ’s PassiveTotal harnesses the power of big data analytics to surface the footprint of an attacker, making threat investigations and incident response quicker and more efficient than ever before. In this webinar, Brandon Dixon, creator of PassiveTotal, will break down a malicious email in real time to shed light on its nefarious sender.

    Don't already have a PassiveTotal account? Sign up here for free so you can follow along with the live investigation during the webinar.
  • Turbocharge your cyber investigations, Part 2 Recorded: Nov 3 2016 35 mins
    Jeff Lenton, Solutions Architect, RiskIQ
    While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.

    In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on SSL Certs, Host Pairs and Trackers. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.
  • Subdomain Infringement - The Unseen Threat That’s Running Rampant Recorded: Nov 1 2016 25 mins
    Beckie Neumann, Product Manager, RiskIQ
    Subdomain infringement degrades consumer trust in your brand and puts your customers at risk of giving up sensitive, potentially damaging information. Unfortunately, the traditional way of monitoring registrations leaves a lot to be desired—most don’t dig deeper than root domains, leaving the millions of fraudulent subdomains in use by threat actors undetected.

    In this webinar, find out how to leverage passive DNS data to go beyond WHOIS lookups and turn domain infringement detection into domain threat detection. Also learn:

    * How free and cheap domain registration and advanced tactics like domain shadowing enable threat actors to attain root domains and subdomains
    * How passive DNS helps threat researchers map their adversary’s infrastructure and make more connections about who is behind a brand infringement attack
    * How RiskIQ’s sophisticated crawling infrastructure and analysis platform gives security teams context around how an infringing domain is being used, and what level of threat it poses to the organization
  • Crucial Components of Digital Risk Monitoring Recorded: Nov 1 2016 59 mins
    Nick Hayes - Forrester Research, Security and Risk Analyst, Forrester Research - Arian Evans - VP Product Strategy
    RiskIQ Webinar feature Forrester Research

    The network perimeter that organizations have long relied on for protection from cyber-threats has evaporated. Businesses are engaging with their customers, vendors and partners across web, social and mobile channels. Threat actors are following suit, increasing the digital risk that organizations face. According to The Forrester Wave™: Digital Risk Monitoring, Q3 2016 (which cited RiskIQ as a Leader):,”Without comprehensively and persistently monitoring risk in digital channels, companies remain susceptible to a wide variety of brand, cyber, and physical risk events”. Every CISO and security leader must consider implementing a Digital Risk Monitoring strategy, or be at risk due to their expanding attack surface.

    In this one-hour presentation RiskIQ VP of Product Strategy Arian Evans and guest Forrester Research analyst Nick Hayes will cover:

    * Expanding threat landscape via digital—web, social and mobile—channels
    * Requirements for a comprehensive digital risk monitoring (DRM) strategy
    * Necessary security technology elements for DRM program implementation
    Join this live webinar to learn more about this growing digital risk landscape, and how you can help better protect your organization’s most critical assets, its customers, and brand.
  • Risks Facing Financial Services During their digital Transformation Recorded: Nov 1 2016 42 mins
    Aarij Khan, Head of Product Marketing, RiskIQ
    Most banks are in some stage of digital transformation initiatives that help them stay relevant in a highly competitive market. In fact, McKinsey & Co. estimates that "digital laggards" could see over a third of their net profit erode, while the leaders could realize a profit upside of 40% or more.

    But as financial institutions charge ahead with their adoption of digital channels for front-end sales, marketing, back-end operations and customer interaction, they must not ignore the dramatic increase in cyber security risk their digital transformation introduces.

    Join RiskIQ to learn about the ways cybercriminals could exploit banks' increased digital presence, and how to manage these enhanced levels of risk while realizing the benefits of your innovation.
  • Turbocharge your Cyber Investigations, Part 1 Recorded: Oct 13 2016 32 mins
    Jeff Lenton, Solutions Architect, RiskIQ
    While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.

    In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on Passive DNS, Whois and Malware data. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.
External Threat Management
Webinar topics cover securing your public facing web, mobile and social assets, combatting impersonation and rogue digital assets and discovering the digital assets owned by your cyber adversaries

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Turbocharge your Cyber Investigations, Part 1
  • Live at: Oct 13 2016 1:00 pm
  • Presented by: Jeff Lenton, Solutions Architect, RiskIQ
  • From:
Your email has been sent.
or close