Best Offers of the Year Ends Tomorrow - Don't Miss Out! Get an iPad Air with Smart Keyboard or Pixel 4a Smartphone!

Cyber Solutions Fest 2020 - Live Online

Virtual, US Eastern | Thu, Oct 8 - Fri, Oct 9, 2020

DNS Wars: DNS-over-TLS vs DNS-over-HTTP

  • Peter Lowe
  • Thursday, October 8th, 3:30pm - 3:50pm

There's a war brewing in the DNS world. One of the last internet protocols to remain unencrypted, DNS, now has two standards being brought forth. Mozilla and Google are pushing to have DNS-over-HTTPS (DoH) as the new standard, while other DNS experts say that DNS-over-TLS (DoT) is better for security and privacy.

Peter Lowe (Security Researcher at DNSFilter) leads the discussion for this Tech Talk. He will cover:

  • The state of DNS encryption
  • Pros and cons of DoH adoption
  • How companies are using EDNS with DoH
  • What does the adoption for DoH mean for organizations

DNS-over-HTTPS is starting to be rolled out for various platforms: it's been enabled in Firefox by default since February this year and Chrome since March, and now is starting to be embedded into Windows, MacOS, and iOS. Because it runs over HTTPS rather than the standard port 53, and can't easily be disabled, this is going to impact organizations in a variety of ways - most importantly because the fire-and-forget method of enabling DNS protection can be easily bypassed by end users.

There are various ways of getting around this - system settings, canary domains, registry tweaks - and it's on IT administrators to educate themselves and keep up to date, especially since a large part of the standard has yet to be finalised.

There's also a larger discussion about what it means for the entire Internet. If nation states decide they can't implement blocking on a DNS level, and every device is essentially using a VPN, they might decide that all traffic needs to be inspected.

DNSFilter

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

Thursday, October 8
Session Speaker Time Type
Reducing MTTR with SOAR and Threat Intelligence Jay Spann Thursday, October 8th, 12:30pm - 12:50pm Tech Talk
Strengthen Incident Investigation and Response with Passive DNS Carel Bitter Thursday, October 8th, 1:00pm - 1:20pm Tech Talk
Solving Asset Management for Cybersecurity or Isn't Asset Management Sexy? Nathan Burke Thursday, October 8th, 1:30pm - 2:05pm Tech Talk
New Umbrella features in Viptela/vManage Chris Bilodeau Thursday, October 8th, 2:30pm - 2:50pm Tech Talk
What's Under The Hood In Your Devices? John Loucaides Thursday, October 8th, 3:00pm - 3:20pm Tech Talk
DNS Wars: DNS-over-TLS vs DNS-over-HTTP Peter Lowe Thursday, October 8th, 3:30pm - 3:50pm Tech Talk
Friday, October 9
Session Speaker Time Type
Chrome Extensions: Security Violation Rebecca Blair Friday, October 9th, 12:30pm - 12:50pm Tech Talk
TLS, Compliance and Zero Trust - Protecting Users from Themselves Babur Khan Friday, October 9th, 1:30pm - 1:50pm Tech Talk
Wargaming: The Who, What and How of a Strategic Tabletop Exercise Joshua Harr Friday, October 9th, 2:00pm - 2:20pm Tech Talk
Beefing Up Endpoint Protection with Behavioral Isolation Mark Gentile Friday, October 9th, 2:30pm - 2:50pm Tech Talk
Playbooks: High Fidelity Network Data can Greatly Reduce Alert Fatigue Alex Kirk Friday, October 9th, 3:00pm - 3:20pm Tech Talk