OnDemand & vLive - Get a GIAC Cert Attempt Included or $350 Off thru 10/31

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Fingerprinting Threat Actors with Web Assets

  • Tuesday, May 8th, 2018 at 1:00 PM EDT (17:00:00 UTC)
  • Rebekah Brown and Mike Thompson
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • DomainTools

You can now attend the webcast using your mobile device!

Overview

Threat actors tools, techniques and procedures are evolving at a rapid pace, making it even more difficult for organizations to effectively defend their network. This is forcing security professionals to be more agile and moving beyond simply block and tackle security strategies.

Join SANS instructor, Rebekah Brown and DomainTools Data Systems Engineer, Mike Thompson to learn how the threat intelligence space is changing and what techniques security professionals can apply to stay ahead of threat actors.

In this webinar you will learn:

  •  How the threat intelligence space is evolving 
  • Practical steps your team can take to get ahead of threat actors
  • Real world examples of enumerating attacker infrastructure using web assets and other information scraped from html.

Speaker Bios

Rebekah Brown

Rebekah Brown has spent more than a decade working in the intelligence community; her previous roles include NSA network warfare analyst, operations chief of a United States Marine Corps cyber unit, and a U.S. Cyber Command training and exercise lead. Rebekah has helped develop threat intelligence and security awareness programs at the federal, state and local level, as well as in the private sector. Today, Rebekah leads the Rapid7 threat intelligence programs, where her responsibilities include program architecture, analysis and operations. She is a course author and instructor for SANS FOR578 - Cyber Threat Intelligence, and author of Intelligence Driven Incident Response.


Mike Thompson

Mike Thompson is a Data Systems Engineer at Domain Tools. He is interested in studying the Internet as an organism -- the way it evolves and changes over time, and what that means for organizations and individuals. 

At his last job as a Cybersecurity Analyst at Argonne National Laboratory, he led the research team that wrote the pioneering study on Internet Infrastructure for the Department of Homeland Security's Office of Infrastructure Protection. He's also co-authored studies on cloud vulnerabilities and remote access to industrial control systems that are currently in use by analysts at the Central Intelligence Agency and Defense Intelligence Agency. He holds multiple patents on server and network defense technologies.

Mike has also been a cybersecurity analyst and researcher for the federal government and was an Operations technician and System Administrator for Google during the early days of their great global data center expansion.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.