Farsight DNSDB and MISP: Advanced Threat Hunting Techniques Part III – RUN

hosted by CIRCL

Start: Tuesday, 11 May 2021 17:00

End: Tuesday, 11 May 2021 18:30

  • About this event

    CRAWL, WALK, RUN series – Farsight Security / MISP webinars

    Farsight DNSDB and MISP: Advanced Threat Hunting Techniques

    Part III – RUN

    In this three-parts webinar series Farsight Security and CIRCL will provide an overview of Farsight’s Passive DNS data, how historical Passive DNS objective observations can be used to uncover malicious activities going back in time. Using practical use cases, we will then demonstrate how to gather the same evidence using Farsight passive DNS module from within MISP platform, and share the findings with the community. We will leave plenty of time for you to follow the steps we demonstrate, as well as ask questions.  

     

    In Part II of this three-part webinar series, we shared several real-world examples how you can use the combined power of both Farsight DNSDB and MISP in your investigations.

    In Part III of this three-part webinar series, we will take a deep dive into a well-known incident of the past, the 2013 New York Times compromise using the combined power of Farsight DNSDB and MISP. In this example, we will show how you can use passive DNS data to investigate events that have occurred long time ago, even if for a short period of time. We’ll show you how to look for common patterns to identify similarities in Tactics, Techniques and Procedures (TTPs) of the malicious actors.

     

  • Registration

    The event is over. It is not possible to purchase tickets anymore.This event used XING Events for online ticketing. Start to organise your own events in an effective and professional way.
    Test it now

    * incl. legal VAT

Share

Or share this link:

Export

Information

  • Directions

  • More events

powered by XING Events

Event organiser: CIRCL
More participants thanks to online event management solutions from XING Events.

Imprint