homepage
Open menu
Contact Sales

SANSFIRE 2022 Bonus Session - DNS Data Driven Threat Hunting with DomainTools

When adversaries register malicious domains for C2 servers, phishing servers, or payload servers, the choices they make when it comes to registration, hosting, certificates, mail servers and more can be useful in determining their targets and discovering a fuller picture of their operations in DNS.

This can help defenders by increasing the speed at which they can assess and act on this activity. In this session attendees will learn how to use DomainTools to:
  • Identify attacks while they are still in the setup stage
  • Take a single element, like a domain name, and pivot on it to discover a broader map of adversary infrastructure
  • Monitor for new activity matching adversary patterns in DNS
Login to Register
SANSFIRE_2022_-_Reg_Page.png

Sponsor

DomainTools_Logo_Color_(1).png

Related Content

Blog
CTI_Blog_part_1_(1).png
Digital Forensics, Incident Response & Threat Hunting
Helping CTI Analysts Approach and Report on Emerging Technology Threats and Trends (Part 2)
How to approach, research, and develop analytic assessments on emerging technologies and threat trends (Part 2)
John_Doyle_370x370.png
John Doyle
read more
Blog
FOR589_Blog.png
Digital Forensics, Incident Response & Threat Hunting
Evolution of Cybercriminal Operations in 2023
FOR589: Cybercrime Intelligence authors share the top cybercriminal evolutions to focus on after examining CrowdStrike's 2023 Threat Hunting Report
Will_Thomas_370x370.png
Will Thomas
read more
Blog
Linux.png
Digital Forensics, Incident Response & Threat Hunting
Linux Intrusions – A Growing Problem
As the reports from TechJury and Trend Micro illustrate, the need for comprehensive Linux security knowledge has never been greater.
Taz_Wake_2.png
Tarot (Taz) Wake
read more