Anatomy of how stolen data appears on the dark web (and why you should care)
- Tyler Carbone, Chief Product Officer
- Monday, September 24th, 12:30pm - 1:15pm
The dark web is a structured economy which hosts various marketplaces, some dedicated exclusively to trading and selling stolen data. Security organizations are responsible for specific data that is important and valuable to their companies, as well as to criminals who look to monetize that same data. This includes everything from personal data (PII and account credentials) to financial data (payment card details, payroll records) to broader corporate data (employee, executive, and board member personal information, proprietary data, intellectual property, and source code).
How data is sold, how it appears, and how it is valued on the dark web are key factors to consider when updating security measures at a network level. With a comprehensive understanding of how illegal marketplaces are structured and operated, organizations can proactively place the right assets under monitoring and reactively confirm if detected data under monitoring leaked from their systems or from a third party, speeding up the remediation time and decreasing overall damage. You canāt stop everything, but by using data intelligence, organizations can have visibility into their exposure on the dark web, helping to reduce the risk of the inevitable data exposure.
Key takeaways:
- Examples of how stolen data appears for sale on the dark web
- How to confirm if data found on the dark web came from your system or from a third party
- How criminals monetize each type of listing
- How to use dark web data with log data to aide in the investigation process
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Sunday, September 23
Session | Speaker | Time | Type |
---|---|---|---|
General Session - Welcome to SANS | Bryan Simon | Sunday, September 23rd, 8:00am - 8:30am | Special Events |
WMI Attacks - What You Don't Know CAN Hurt You | Chad Tilbury | Sunday, September 23rd, 7:15pm - 9:15pm | Keynote |
Monday, September 24
Session | Speaker | Time | Type |
---|---|---|---|
Adaptive Defense 360: Differentiating Values in Endpoint Visibility and Control | Rui Lopes, North America Pre-Sales Engineering Manager | Monday, September 24th, 12:30pm - 1:15pm | Lunch and Learn |
The Art of Collaboration | Joe Gehrke, Senior Sales Engineer | Monday, September 24th, 12:30pm - 1:15pm | Lunch and Learn |
Tapping Wires: Easy DNS Security Analysis | Lennart Koopmann, Founder | Monday, September 24th, 12:30pm - 1:15pm | Lunch and Learn |
Anatomy of how stolen data appears on the dark web (and why you should care) | Tyler Carbone, Chief Product Officer | Monday, September 24th, 12:30pm - 1:15pm | Lunch and Learn |
Risk IQ Product Test Drive | — | Monday, September 24th, 6:00pm - 8:00pm | Vendor Event |
Traveling Paranoid (but not too Paranoid) | Philip Hagen and Chris Crowley | Monday, September 24th, 7:15pm - 8:15pm | SANS@Night |
So, You Wanna be a Pentester? | Adrien de Beaupre | Monday, September 24th, 7:15pm - 8:15pm | SANS@Night |
Continuous Security: Monitoring & Active Defense in the Cloud | Eric Johnson | Monday, September 24th, 7:15pm - 8:15pm | SANS@Night |
Could We Have Stopped This? Attack Simulations for Blue Team Hardening | Alissa Torres | Monday, September 24th, 7:15pm - 8:15pm | SANS@Night |
Hacking Dumberly, Just Like the Bad Guys | Tim Medin | Monday, September 24th, 8:15pm - 9:15pm | SANS@Night |
Let's Go Hunting Bad Guys | John Strand | Monday, September 24th, 8:15pm - 9:15pm | SANS@Night |
Stuck in the Box, a SIEM's Tale | Justin Henderson | Monday, September 24th, 8:15pm - 9:15pm | SANS@Night |
Tuesday, September 25
Session | Speaker | Time | Type |
---|---|---|---|
Coffee & Donuts with the Graduate Students | — | Tuesday, September 25th, 7:30am - 9:00am | Reception |
Solutions Expo | — | Tuesday, September 25th, 12:00pm - 1:30pm | Vendor Event |
Solutions Expo | — | Tuesday, September 25th, 5:15pm - 7:15pm | Vendor Event |
GIAC Overview Presentation | Jeff Frisk | Tuesday, September 25th, 6:30pm - 7:15pm | Special Events |
APAC Student Reception at Network Security 2018 | — | Tuesday, September 25th, 6:30pm - 7:30pm | Reception |
Responding to the European Union's new General Data Protection Regulation | Ben Wright | Tuesday, September 25th, 7:15pm - 8:15pm | SANS@Night |
Defense Is Doable - Breaking The Cyber Kill Chain | Erik Van Buggenhout & Stephen Sims | Tuesday, September 25th, 7:15pm - 8:15pm | SANS@Night |
Women's Connect & SANS Summits Workshop: How to Write Presentation Proposals for Cybersecurity Conferences | Alissa Torres, Heather Mahalik, My-Ngoc Nguyen, Phil Hagen, and Sarah Edwards | Tuesday, September 25th, 7:15pm - 8:15pm | Special Events |
An Evening of Hacking the Internet of Things (IoT) | Stephen Sims, James Lyne, Tim Medin, & Jim Shewmaker | Tuesday, September 25th, 7:15pm - 10:00pm | Special Events |
What is NetWars? Why play? Feel intimidated? | Jeff McJunkin | Tuesday, September 25th, 7:15pm - 8:15pm | SANS@Night |
Nation State LevelHoneypotting: Emulating Vulnerable Applications at Scale | Dr. Johannes Ullrich | Tuesday, September 25th, 8:15pm - 9:15pm | SANS@Night |
Blockchain 101 | G. Mark Hardy | Tuesday, September 25th, 8:15pm - 9:15pm | SANS@Night |
Wednesday, September 26
Session | Speaker | Time | Type |
---|---|---|---|
Creating a Self-Service AppSec Program: Automate Testing During Development | Ed Arnold, Solution Architect | Wednesday, September 26th, 12:30pm - 1:15pm | Lunch and Learn |
Defense against targeted custom malware with Deep Learning For whom the malware tolls: Introduction to Deep Learning | Cameron Byers, Sales Engineer | Wednesday, September 26th, 12:30pm - 1:15pm | Lunch and Learn |
The Real Deal About AI | Allan Klein, Sales Engineer | Wednesday, September 26th, 12:30pm - 1:15pm | Lunch and Learn |
Achieving SOC-sess with Security Orchestration and Automation | Nimmy Reichenberg | Wednesday, September 26th, 12:30pm - 1:15pm | Lunch and Learn |
Saturday, September 29
Session | Speaker | Time | Type |
---|---|---|---|
GSE Lab Examination | — | Saturday, September 29th, 8:00am - 5:30pm | Special Events |
Sunday, September 30
Session | Speaker | Time | Type |
---|---|---|---|
GSE Lab Examination | — | Sunday, September 30th, 8:00am - 5:30pm | Special Events |