Eric Conrad

Author, SANS Faculty Fellow, and CTO of Backshore Communications

Sunday, March 01, 2020

Threat Hunting via DNS

My SANS Blue Team Summit talk Threat Hunting via DNS

Here are the links:

DNS New World Order: QuadX! DoH! DoT! Da Fuq?
Paul Vixie on DoH
Firefox continues push to bring DNS over HTTPS by default for US users
Firefox to enable DNS-over-HTTPS by default to US users
Firefox HTTP logging
Tutorial to setup your own DNS-over-HTTPS (DoH) server
DNS-over-HTTPS with Pi-Hole
https://github.com/MarkBaggett/domain_stats
https://www.arin.net/resources/registry/whois/rdap/

Posted by Eric Conrad at 8:45 PM No comments:

Monday, January 13, 2020

Here's a link to my SANS Miami 2020 keynote talk:

Threat Hunting via Sysmon

Posted by Eric Conrad at 5:16 PM No comments:

Thursday, November 14, 2019

Maine DEFCON 207

Here's a copy of my DEFCON 207 talk Threat Hunting via Windows Event Logs

DeepBlueCLI GitHub site: https://github.com/sans-blue-team/DeepBlueCLI

Posted by Eric Conrad at 2:14 PM No comments:

Thursday, May 09, 2019

Threat Hunting via Windows Event Logs

Here's a copy of my SANS Security West keynote Threat Hunting via Windows Event Logs

Posted by Eric Conrad at 7:38 PM No comments:

Wednesday, April 24, 2019

Here's a copy of my Atlantic Security Conference talk: Build it Once, Build it Right: Architecting for Detection

Posted by Eric Conrad at 5:16 AM No comments:

Thursday, December 13, 2018

The Perimeter is Dead

Here's a copy of my SANS CDI Keynote The Perimeter is Dead.

Posted by Eric Conrad at 4:44 PM No comments:

Tuesday, December 04, 2018

Build it Once, Build it Right: Architecting for Detection

Here's a copy of my Tactical Detection & Data Analytics Summit & Training 2018 keynote: Build it Once, Build it Right

Posted by Eric Conrad at 9:03 AM No comments:

Older Posts Home

Subscribe to: Posts (Atom)

About Me

Eric Conrad: Peaks Island, ME, United States; CTO, Backshore Communications

I am a SANS Faculty Fellow, co-author of SANS Security 511, MGT 414, and Security 542.

I am GIAC GSE #13.

I am a graduate of the SANS Technology Institute, with a Master of Science in Information Security Engineering (MSISE)

My Amazon author page

Email me: blogger18@backshore.net

View my complete profile

My videos and podcasts

Cyber Security Interviews - You need to be interested beyond 9-5
DerbyCon 2017: Introducing DeepBlueCLI v2 now available in PowerShell and Python
Paul's Security Weekly #519
How to become a SANS instructor
DerbyCon 2016: Introducing DeepBlueCLI a PowerShell module for hunt teaming via Windows event logs
Security Onion Con 2016: C2 Phone Home
Long tail analysis

CISSP® Study Guide

CISSP® Study Guide, 3rd Edition

Twitter

Follow @eric_conrad

LinkedIn

My Books

CISSP Study Guide 3E
Eleventh Hour CISSP 2E

Join My Lists

CISSP
Sec511 Alumni

Upcoming Conferences

http://www.sans.org/instructors/eric-conrad

My Infosec Papers and Links

Waking Sleeping Dogs: Information Security Ethics
MGT 414 Images
CISSP Study Guide Errata

SANS GIAC Certifications and Gold Research

My SANS GIAC certifications
Detecting Spam with Genetic Regular Expressions
A Heap o’ Trouble / Heap-based flag insertion buffer overflow in CVS

Blog Archive

▼ 2020 (2)
- ▼ March (1)
  - Threat Hunting via DNS
- ► January (1)

► 2019 (3)
- ► November (1)
- ► May (1)
- ► April (1)

► 2018 (4)
- ► December (2)
- ► April (2)

► 2017 (2)
- ► September (1)
- ► April (1)

► 2016 (5)
- ► October (1)
- ► September (2)
- ► August (1)
- ► April (1)

► 2015 (4)
- ► December (1)
- ► November (1)
- ► April (1)
- ► January (1)

► 2014 (2)
- ► April (1)
- ► March (1)

► 2013 (3)
- ► June (1)
- ► May (2)

► 2012 (6)
- ► September (1)
- ► July (2)
- ► May (1)
- ► March (1)
- ► February (1)

► 2010 (6)
- ► September (1)
- ► August (2)
- ► July (1)
- ► May (1)
- ► March (1)

► 2009 (9)
- ► November (2)
- ► August (1)
- ► June (1)
- ► April (1)
- ► March (4)

► 2008 (13)
- ► December (3)
- ► November (1)
- ► October (3)
- ► August (1)
- ► July (1)
- ► April (1)
- ► March (2)
- ► February (1)

► 2007 (21)
- ► December (1)
- ► November (1)
- ► October (3)
- ► September (2)
- ► July (2)
- ► June (4)
- ► April (3)
- ► March (3)
- ► February (2)

Network/Security Blogs

SANS Technology Institute: Security Laboratory
The Internet Storm Center
F-Secure's Security Blog

Awesome Inc. theme. Powered by Blogger.