Threat Hunting via DNS with Eric Conrad - SANS Blue Team Summit 2020
Рет қаралды 21,970
4 жыл бұрынDNS logs are one of the most powerful threat hunting resources, but encryption is rapidly changing that equation.
Key DNS threat hunting techniques include detecting DNS tunneling and Domain Generation Algorithms (DGAs). It used to be simple(r): log DNS requests and responses on DNS forwarders, or sniff and analyze via tools like Zeek.
DNS over TLS (DoT) and DNS over HTTPS (DoH) are disrupting the status quo: where does that leave network defenders? This talk will analyze the current state of DNS monitoring, and provide actionable steps for detecting malice on your network via DNS.
Eric Conrad @eric_conrad Fellow, SANS Institute
@NeonNotch 2 жыл бұрын
This man is part of the 1% of individuals. Highly intelligent, charismatic, easy to understand. Great talk, thank you!
@Francois-B-Arthanas 3 жыл бұрын
Eric - You are amazing 🤩. Thank you 🙏 for everything you do for the Cyber community.
@sammo7877 2 жыл бұрын
I'm not going to get into the encrypted DNS debate - gets into the debate :D great talk btw!
@vonniehudson 2 жыл бұрын
NULL records… taking that one home. Never knew about that
@sidss007 2 жыл бұрын
Your course on Building your own cyber lab is awesome.
@vonniehudson 2 жыл бұрын
@@sidss007 which one?
@dustyrose8010 Жыл бұрын
@@vonniehudson hi I'm dusty
@mohammadaassif Жыл бұрын
Sir Eric - You are amazing in your teaching method i am fun.
@mar002007 2 жыл бұрын
Is this the Nelson Sullivan’s Eric?
SANS Cyber Defense
Рет қаралды 12 М.
SANS Institute
Рет қаралды 10 М.
SANS Digital Forensics and Incident Response
Рет қаралды 8 М.
SANS Digital Forensics and Incident Response
Рет қаралды 13 М.
SANS Digital Forensics and Incident Response
Рет қаралды 30 М.
CNBC International TV
Рет қаралды 10 М.
Security Onion
Рет қаралды 2,6 М.
Распаковочка у Андрея
Рет қаралды 498 М.
Nir Gaming
Рет қаралды 3 МЛН
Immersed
Рет қаралды 7 МЛН