About Session
Technical Level: Intermediate
Seats are limited, so be sure to register for the workshop when you register for the conference.
Defenders need to leverage all available tools and visibility at their disposal to secure networks and critical infrastructure but often find themselves with little information – a domain name, an IP address – to work off to make security decisions. In this workshop, we. will review a network indicator-driven approach to cyber security decision making to demonstrate that even with supposedly “little” information, surprising amount of detail can be extracted.
Attendees should have a minimum understanding of network objects and infrastructure items (e.g., IP addresses, the nature of domain names, and similar) and should have a computer with an internet connection to follow along with examples and similar.
In the first part of this workshop, we will walk through investigative examples then explain the background behind network objects allowing for their further investigation
