This Wednesday, Chris Day, Chief Cybersecurity Officer at Cyxtera will be joining us for an exclusive webinar, “The Threat Hunter’s Newest Weapon: DNS Data”.
91% of malware attacks leverage DNS. So why aren’t more organizations using this gold mine of data to battle advanced persistent internal threats? With DNS data being be one of the most severely underutilized tools in battling bad actors, Chris Day will explain how system administrators, network engineers, and all threat hunters can use DNS data as a part of their cybersecurity arsenal. As 2017 comes to a close, Day will provide some great insight into what’s happened this past year, and what we can expect in 2018. If you’re still not convinced, here are just a few reasons why you should register.
1) You need to know what to look for
As a threat hunter, this question always arises: What should you be looking for in my DNS data? Due to the sheer volume of DNS queries that get logged, it can be difficult to tell what exactly this data can tell you about cyber attacks. One of the reasons DNS data is so underutilized is that many people don’t even know where to start. Wednesday’s webinar will take you through the hints to look for in your DNS data.
2) You need to know what to do right now
There are likely internal threats lurking on your network as you’re reading this. So, what can you do about it now? It’s important to know that while you may not be leveraging your DNS data, it’s all already there, ripe for analysis. There are steps you can take in the short-term to start preparing and protecting your network. Day will give us a few recent examples of how he used DNS to better understand cyberattacks.
3) You need to know what’s next
We are living in the age of inevitability, not prevention. Cyber threats are getting smarter and smarter and acting much faster than we seem to be able to react. That being said, it’s that much more important for threat hunters to shift their strategies and understand how to harness the power of DNS not only battling external threats but internal threats. Knowing what to look for in your data and what to anticipate can give you invaluable insight as far as forensics and detection.
All of this is just glimpse of what’s to come in Wednesday’s webinar. Make sure to tune in on December 13 at 2:00 PM EST to get the full picture, complete with a Q&A with Chris Day himself. Register here!
NSA and CISA: Protective DNS key to network defense
U.S. cyber agencies now point to protective DNS as a defense strategy, confirming what BlueCat already knew: DNS is critical to detecting network threats.
SUNBURST/Solorigate Situation Briefing
BlueCat leaders discuss how the malware attack via SolarWind’s Orion platform exploited DNS and how BlueCat Edge could have helped to detect it.
January 21, 2021: Learn more about how the SUNBURST/Solorigate malware exploited DNS to execute its attack.
Customer situation brief on SUNBURST/Solorigate
Learn more about the attack via the SolarWinds Orion platform and how BlueCat products use DNS to help protect customers against compromises like it.