Exfiltration Framework (ExF) presented at FIRST 2014

by Mick Douglas, Eric Zielinski

Summary: Data exfiltration is a common theme in most attack scenarios. The challenge in this space is sufficiently thwarting data exfiltration methods. This talk discusses a new approach to exfiltration of data. We have developed an Exfiltration Framework which provides insight on how to proactively detect exfiltration methods and how to respond to them. The Exfiltration Framework provides the core building blocks for understanding what data is leaving the network and how it can be slowed down or prevented. The Exfiltration Framework is designed to delay and/or prevent economic loss and strengthen security posture. Components of this framework allow for quick implementations of security techniques that can be applied to various environments within your network to better protect your data. We have defined new security defense tactics that will help prevent unauthorized exfiltration of data. The Data Exfiltration Framework can be used to identify gaps in your network and secure data leaving the network.