Best Offers Of The Year with SANS OnDemand: iPad Pro w/ Magic KB, Surface Go2 or $350 Off


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Accelerate Your Cybercrime Investigations with OSINT

  • Monday, April 06, 2015 at 1:00 PM EDT (2015-04-06 17:00:00 UTC)
  • Tim Helming, Lenny Zeltser


  • DomainTools

You can now attend the webcast using your mobile device!



Lenny Zeltser hosts a lively discussion of new ways to investigate threat actors using OSINT (Open Source Threat Intelligence) such as domain registration data, IP address data, MX records, geolocation, and more. Using examples from high-profile cybercrime cases (such as APT1 or APT28), Tim Helming from DomainTools will demonstrate how threat actors can be identified, or their webs of connected holdings can be mapped for defensive (or offensive) purposes.

Speaker Bios

Lenny Zeltser

Lenny Zeltser is a seasoned IT professional with a strong background in information security and business management. As a Product Management Director at NCR Corporation, he focuses on safeguarding IT environments of small and midsize businesses worldwide. Before NCR, he led an enterprise security consulting team at a major IT hosting provider.

Lenny's most recent work has focused on malware defenses and cloud-based services. He teaches how to analyze and combat malware at the SANS Institute, where he is a senior faculty member. He also participates as a member of the board of directors at the SANS Technology Institute and volunteers as an incident handler at the Internet Storm Center.

Lenny frequently speaks on security and related business topics at conferences and industry events, writes articles, and has co-authored books on forensics, network security, and malicious software. He is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation. Lenny has an MBA degree from MIT Sloan and a computer science degree from the University of Pennsylvania. You can learn more about Lenny's projects on his personal website and blog.

Tim Helming

Tim Helming, DomainTools Director of Product Management, has over 14 years of experience in cybersecurity, from network to cloud to application attacks and defenses. At WatchGuard, he helped define and launch some of the best-selling SMB security appliances in the market. At Symform, he led definition and product evangelism efforts for that company's unique peer-to-peer cloud storage solution. Tim has spoken at security conferences, media events, and technology partner conferences worldwide.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.