3 Reasons to Tune in to “The Threat Hunter’s Newest Weapon: DNS Data”
This Wednesday, Chris Day, Chief Cybersecurity Officer at Cyxtera will be joining us for an exclusive webinar, “The Threat Hunter’s Newest Weapon: DNS Data”.
This Wednesday, Chris Day, Chief Cybersecurity Officer at Cyxtera will be joining us for an exclusive webinar, “The Threat Hunter’s Newest Weapon: DNS Data”.
91% of malware attacks leverage DNS. So why aren’t more organizations using this gold mine of data to battle advanced persistent internal threats? With DNS data being be one of the most severely underutilized tools in battling bad actors, Chris Day will explain how system administrators, network engineers, and all threat hunters can use DNS data as a part of their cybersecurity arsenal. As 2017 comes to a close, Day will provide some great insight into what’s happened this past year, and what we can expect in 2018. If you’re still not convinced, here are just a few reasons why you should register.
1) You need to know what to look for
As a threat hunter, this question always arises: What should you be looking for in my DNS data? Due to the sheer volume of DNS queries that get logged, it can be difficult to tell what exactly this data can tell you about cyber attacks. One of the reasons DNS data is so underutilized is that many people don’t even know where to start. Wednesday’s webinar will take you through the hints to look for in your DNS data.
2) You need to know what to do right now
There are likely internal threats lurking on your network as you’re reading this. So, what can you do about it now? It’s important to know that while you may not be leveraging your DNS data, it’s all already there, ripe for analysis. There are steps you can take in the short-term to start preparing and protecting your network. Day will give us a few recent examples of how he used DNS to better understand cyberattacks.
3) You need to know what’s next
We are living in the age of inevitability, not prevention. Cyber threats are getting smarter and smarter and acting much faster than we seem to be able to react. That being said, it’s that much more important for threat hunters to shift their strategies and understand how to harness the power of DNS not only battling external threats but internal threats. Knowing what to look for in your data and what to anticipate can give you invaluable insight as far as forensics and detection.
All of this is just glimpse of what’s to come in Wednesday’s webinar. Make sure to tune in on December 13 at 2:00 PM EST to get the full picture, complete with a Q&A with Chris Day himself. Register here!
Key takeawaysThis key takeaway was generated through LLMs crawling the page and coming up with an overview of the content.This article promotes a webinar with Chris Day, Chief Cybersecurity Officer at Cyxtera, titled “The Threat Hunter’s Newest Weapon: DNS Data,” scheduled for December 13 at 2:00 PM EST. It explains that 91% of malware attacks leverage DNS and argues DNS logs are an underutilized source for detecting advanced persistent internal and external threats, offering practical guidance on what to look for, immediate steps to take, and how to anticipate future threat trends. The webinar will include examples of using DNS for forensic and detection purposes and conclude with a Q&A session with Chris Day.
Why is DNS data considered an important tool for threat hunting according to the article?
The article states that 91% of malware attacks leverage DNS, making DNS query logs a rich source of indicators for malicious activity. DNS data captures the domain lookups and resolution behavior that malware often relies on for command-and-control, data exfiltration, or lateral movement. Because many organizations do not yet analyze this volume of DNS traffic, threat hunters can gain high-value forensic and detection insights by learning what patterns and hints to look for in DNS data and integrating those signals into their investigative workflows.
What practical outcomes does the webinar promise for system administrators and threat hunters?
The webinar promises three practical outcomes: first, guidance on what specific indicators and hints to look for within large volumes of DNS queries so analysts know where to start; second, short-term actions and preparatory steps organizations can take immediately to begin leveraging their existing DNS logs for detection and protection; and third, strategic insight into how to anticipate evolving threats by using DNS for both forensic investigations and proactive threat hunting. Chris Day will illustrate these points with recent examples of using DNS to better understand cyberattacks.
When is the webinar taking place and what interactive element is included?
The webinar is scheduled for December 13 at 2:00 PM EST. In addition to Chris Day’s presentation on leveraging DNS data for threat hunting — including what to look for, immediate mitigation steps, and expectations for future threats — the event will include a live Q&A session where attendees can ask Chris Day questions directly about using DNS data in cybersecurity investigations.
Published in:
Anna is a passionate content writer who’s always eager to learn something new about cyber security.
Related content
How to map your network with user-defined links in Integrity X
Map your network with user-defined links in Integrity X to define and manage custom relationships, such as dual-stack and NAT environments.
Automate your DDI modernization path by migrating with Micetro
Automate cross-platform DNS and DHCP migration with Micetro to reduce risk, eliminate manual effort, and modernize infrastructure faster.
Your journey to intelligent NetOps begins at Cisco Live
Visit BlueCat’s booth or book a meeting now to learn more about how our solutions can help you build a network that supports constant change.
Replace BIND and ISC with Micetro DNS/DHCP Server (MDDS)
Tired of patching and manually configuring BIND DNS and ISC DHCP? Discover how Micetro MDDS appliances can replace them for modern DDI.