Mapping Attack Infrastructure: Leave Your Foe With Nowhere to Hide

  • Thursday, 31 Mar 2016 1:00PM EDT (31 Mar 2016 17:00 UTC)
  • Speakers: John Pescatore, Stephen Ginty

Attackers get away with Advanced Persistent Threats (APTs) by hiding their attack infrastructure in the vastness of the Internet. If you are an analyst, you need a way to stay ahead of your foe. RiskIQ's PassiveTotal makes it easy for analysts to investigate threats, using critical data sets to reveal the full scope of the adversary's infrastructure. Once the adversary's digital footprint is illuminated, it's quicker and easier for an organization to respond to incidents and proactively defend their environments. RiskIQ's PassiveTotal founder and Sr. Product Manager, Steve Ginty will demonstrate how effective it is to bring context to incidents using PassiveTotal.

In this webinar Steve will:
  • Show you how to use RiskIQ's PassiveTotal Platform to illuminate an attacker's infrastructure, improve analysis, visualize data, integrate toolchains, and block future attacks.
  • Provide an overview into infrastructure analysis and methodologies
  • Demonstrate how to use IOCs to quickly map attack infrastructure.
  • Discuss the most useful datasets (i.e. WHOIS, DNS, SSL Certificates, etc.) to bring context to an attack.