Methodologies of Investigations Enhanced by the External Attack Surface

Conference:  RSA Conference 2021



The external attack surface can be used to gain insight and enhance investigations. Join this Lab to dig into various methods of investigation and interact with different ways to use the attack surface as a lens to focus on vulnerabilities being faced and threat actor infrastructures being used. A variety of freely available tools and techniques will be utilized during this hands-on experience. This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion, and remind attendees that no comment attribution or recording of any sort should take place. Pre-Requisites: Python3, Jupyter Notebook, geopi2, pandas, Maxmind free geoIP database file This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.