Advanced Internet dataset combinations for #ThreatHunting & Attack Prediction presented at BSidesSanFrancisco 2017

by Steve Ginty, Arian J Evans

Summary: Have you ever had to look up an IP address, domain name, or URL to decide if it is a threat, and if it is targeting you? Do you ever need to analyze what malicious action it just took on your potentially compromised users? If yes, this session is for you!
It's time to move beyond simple Whois & PDNS lookups, and noisy threat feeds. Learn how to combine SSL cert facet data with tracking IDs like Google Analytics, ad-trackers, and performance management trackers; host-pair relationships; and technology stack fingerprints to detect, verify, and stop your adversaries' next attacks.