Save $200 on Cyber Security Training at SANS Miami 2018. Ends 12/27.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Prevent DNS Based Data Exfiltration and Disrupt Cyber Kill Chain

  • Thursday, May 11th, 2017 at 1:00 PM EDT (17:00:00 UTC)
  • Andrew Hay and Srikrupa Srivatsan
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • InfoBlox

You can now attend the webcast using your mobile device!

Overview

Frequency and cost of data breaches are sky rocketing. Most recent estimates put the average cost of a data breach at $4M. There are lots of ways to carry out data exfiltration but only one way to avoid detection by most security tools - using the DNS backdoor. Standard technologies like antivirus, firewalls and sandboxing don't have visibility into DNS conversations and can't break through 2nd generation malware techniques like obfuscation. So why not use the same control plane that sophisticated malware uses to block it? Join SANS and Infoblox in our upcoming webinar on May 11 to learn about:

  • Infoblox's Data Protection and Malware Mitigation solution using reputation, signature and behavior based methods
  • How to mine valuable historical DNS data for security and troubleshooting
  • How to gain deep visibility into your network and threat indicators

Speaker Bios

Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Co-Founder & Chief Technology Officer (CTO) for LEO Cyber Security, he is a member of the senior executive leadership team responsible for the creation and driving of the strategic vision for the company. One of his primary responsibilities is the development and delivery of the company's comprehensive cyber security, digital forensics, incident response, cloud architecture, and advanced research centers of excellence.

Andrew has served in various roles and responsibilities at several companies including DataGravity, OpenDNS (a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.


Srikrupa Srivatsan

Srikrupa has 18 years of experience in technology in various roles including software development, product management and product marketing. Currently, she is responsible for messaging, positioning and bringing to market Infoblox's security solutions that ease security operations and provide DNS based security. She has an MBA from University of California, Haas School of Business and a Computer Science Engineering degree.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.