Software Engineering Institute

Indicator Expansion Techniques –Tracking Cyber Threats via DNS and Netflow Analysis

January 9, 2012 • Presentation

By

Michael Jacobs

In this presentation, Michael Jacobs describes how to use DNS and netflow analysis to track cyber threats.

Publisher

Software Engineering Institute

Subjects

Flocon Situational Awareness

Abstract

As the number of compromises escalates and our visibility into the network grows, it becomes imperative to create automated operational solutions to feed your Computer Network Defense machine.

Tracking cyber threats through the coupling of DNS data and netflow analysis allows for a much higher level of confidence in the identification of malicious activity.

Download PDF

Part of a Collection

Flocon 2012 Collection

Ask a question about this Presentation

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.

Software Engineering Institute

Indicator Expansion Techniques –Tracking Cyber Threats via DNS and Netflow Analysis

January 9, 2012 • Presentation

By Michael Jacobs

Publisher

Subjects

Abstract

SHARE

Part of a Collection

By

Michael Jacobs