One Week Left to Get an 11" iPad Pro with Apple Pencil w/ OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Prevent DNS Based Data Exfiltration and Disrupt Cyber Kill Chain

  • Thursday, May 11, 2017 at 1:00 PM EDT (2017-05-11 17:00:00 UTC)
  • Srikrupa Srivatsan, Andrew Hay


  • InfoBlox

You can now attend the webcast using your mobile device!



Frequency and cost of data breaches are sky rocketing. Most recent estimates put the average cost of a data breach at $4M. There are lots of ways to carry out data exfiltration but only one way to avoid detection by most security tools - using the DNS backdoor. Standard technologies like antivirus, firewalls and sandboxing don't have visibility into DNS conversations and can't break through 2nd generation malware techniques like obfuscation. So why not use the same control plane that sophisticated malware uses to block it? Join SANS and Infoblox in our upcoming webinar on May 11 to learn about:

  • Infoblox's Data Protection and Malware Mitigation solution using reputation, signature and behavior based methods
  • How to mine valuable historical DNS data for security and troubleshooting
  • How to gain deep visibility into your network and threat indicators

Speaker Bios

Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Co-Founder & Chief Technology Officer (CTO) for LEO Cyber Security, he is a member of the senior executive leadership team responsible for the creation and driving of the strategic vision for the company. One of his primary responsibilities is the development and delivery of the company's comprehensive cyber security, digital forensics, incident response, cloud architecture, and advanced research centers of excellence.

Andrew has served in various roles and responsibilities at several companies including DataGravity, OpenDNS (a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Srikrupa Srivatsan

Srikrupa has 20 years of experience in technology in various roles including software development, product management and product marketing. Currently, as Director of Product Marketing at Infoblox, she is responsible for messaging, positioning and bringing to market Infoblox’s security solutions that optimize security operations and provide foundational security against known and zero-day threats. She has an MBA from University of California, Haas School of Business and a Computer Science Engineering degree.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.