Final Days to get an iPad Mini 4, a Galaxy Tab A, or Take $250 Off with Online Training - Register by 9/27!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Dissecting various real-world DGA variants

  • Wednesday, August 9th, 2017 at 10:30 AM EDT (14:30:00 UTC)
  • Sean Ennis and John Pescatore
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Cybereason

You can now attend the webcast using your mobile device!

Overview

Attackers often turn to DGAs to generate large numbers of random Internet addresses to link to C&C servers. DGAs are an effective covert communication method. They are relatively easy to implement, difficult to block, almost impossible to predict in advance, and can be quickly modified if the previously used algorithm becomes known.

Join Cybereason's Sean Ennis, Senior Systems Engineer as he dissects specific DGA methods currently being used by malware and exploit kits. Also, learn to identify DGA communication patterns and see how behavioral DGA detection actually works in a corporate scenario.

Speaker Bios

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and voice systems "and the occasional ballistic armor installation." John has testified before Congress about cyber security, was named one of the 15 most-influential people in security in 2008 and remains an NSA-certified cryptologic engineer.


Sean Ennis

Sean Ennis is a Senior Security Engineer with over 13 years of experience designing and building cyber security solutions for organizations across North America. He currently focuses on advanced threat detection and incident response technologies for Cybereason.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.