Turbocharge your Cyber Investigations, Part 1

Presented by

Jeff Lenton, Solutions Architect, RiskIQ

About this talk

While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation. In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on Passive DNS, Whois and Malware data. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (857)
Subscribers (48085)
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.