Eric Conrad

Author, SANS Faculty Fellow, and CTO of Backshore Communications

Wednesday, June 24, 2020

Threat Hunting via DNS

My SANS @Mic talk Threat Hunting via DNS

Link to the Youtube video.

Here are the links:

DNS New World Order: QuadX! DoH! DoT! Da Fuq?
Paul Vixie on DoH
Firefox continues push to bring DNS over HTTPS by default for US users
Firefox to enable DNS-over-HTTPS by default to US users
Firefox HTTP logging
Tutorial to setup your own DNS-over-HTTPS (DoH) server
DNS-over-HTTPS with Pi-Hole
https://github.com/MarkBaggett/domain_stats
https://www.arin.net/resources/registry/whois/rdap/

Posted by Eric Conrad at 1:34 PM No comments:

Monday, June 08, 2020

CISSP Cram Session

Here are the slides for my CISSP Cram Session webcast.

The webcast is available here: http://sans.org/u/140g

Posted by Eric Conrad at 10:29 AM No comments:

Friday, May 22, 2020

BSides Halifax

Here's a link to my BSides Halifax talk Threat Hunting via DNS

Posted by Eric Conrad at 11:23 AM No comments:

Monday, January 13, 2020

Here's a link to my SANS Miami 2020 keynote talk:

Threat Hunting via Sysmon

Posted by Eric Conrad at 5:16 PM No comments:

Thursday, November 14, 2019

Maine DEFCON 207

Here's a copy of my DEFCON 207 talk Threat Hunting via Windows Event Logs

DeepBlueCLI GitHub site: https://github.com/sans-blue-team/DeepBlueCLI

Posted by Eric Conrad at 2:14 PM No comments:

Thursday, May 09, 2019

Threat Hunting via Windows Event Logs

Here's a copy of my SANS Security West keynote Threat Hunting via Windows Event Logs

Posted by Eric Conrad at 7:38 PM No comments:

Wednesday, April 24, 2019

Here's a copy of my Atlantic Security Conference talk: Build it Once, Build it Right: Architecting for Detection

Posted by Eric Conrad at 5:16 AM No comments:

Older Posts Home

Subscribe to: Posts (Atom)

About Me

Eric Conrad: Peaks Island, ME, United States; CTO, Backshore Communications

I am a SANS Faculty Fellow, co-author of SANS Security 511, MGT 414, and Security 542.

I am GIAC GSE #13.

I am a graduate of the SANS Technology Institute, with a Master of Science in Information Security Engineering (MSISE)

My Amazon author page

Email me: blogger18@backshore.net

View my complete profile

My videos and podcasts

Cyber Security Interviews - You need to be interested beyond 9-5
DerbyCon 2017: Introducing DeepBlueCLI v2 now available in PowerShell and Python
Paul's Security Weekly #519
How to become a SANS instructor
DerbyCon 2016: Introducing DeepBlueCLI a PowerShell module for hunt teaming via Windows event logs
Security Onion Con 2016: C2 Phone Home
Long tail analysis

CISSP® Study Guide

CISSP® Study Guide, 3rd Edition

Twitter

Follow @eric_conrad

LinkedIn

My Books

CISSP Study Guide 3E
Eleventh Hour CISSP 2E

Join My Lists

CISSP
Sec511 Alumni

Upcoming Conferences

http://www.sans.org/instructors/eric-conrad

My Infosec Papers and Links

Waking Sleeping Dogs: Information Security Ethics
MGT 414 Images
CISSP Study Guide Errata

SANS GIAC Certifications and Gold Research

My SANS GIAC certifications
Detecting Spam with Genetic Regular Expressions
A Heap o’ Trouble / Heap-based flag insertion buffer overflow in CVS

Blog Archive

▼ 2020 (4)
- ▼ June (2)
  - Threat Hunting via DNS
  - CISSP Cram Session
- ► May (1)
- ► January (1)

► 2019 (3)
- ► November (1)
- ► May (1)
- ► April (1)

► 2018 (4)
- ► December (2)
- ► April (2)

► 2017 (2)
- ► September (1)
- ► April (1)

► 2016 (5)
- ► October (1)
- ► September (2)
- ► August (1)
- ► April (1)

► 2015 (4)
- ► December (1)
- ► November (1)
- ► April (1)
- ► January (1)

► 2014 (2)
- ► April (1)
- ► March (1)

► 2013 (3)
- ► June (1)
- ► May (2)

► 2012 (6)
- ► September (1)
- ► July (2)
- ► May (1)
- ► March (1)
- ► February (1)

► 2010 (6)
- ► September (1)
- ► August (2)
- ► July (1)
- ► May (1)
- ► March (1)

► 2009 (9)
- ► November (2)
- ► August (1)
- ► June (1)
- ► April (1)
- ► March (4)

► 2008 (13)
- ► December (3)
- ► November (1)
- ► October (3)
- ► August (1)
- ► July (1)
- ► April (1)
- ► March (2)
- ► February (1)

► 2007 (21)
- ► December (1)
- ► November (1)
- ► October (3)
- ► September (2)
- ► July (2)
- ► June (4)
- ► April (3)
- ► March (3)
- ► February (2)

Network/Security Blogs

SANS Technology Institute: Security Laboratory
The Internet Storm Center
F-Secure's Security Blog

Awesome Inc. theme. Powered by Blogger.