Today’s targeted attacks pose a threat to both data and infrastructure inside an enterprise. Attacks on DNS are on the rise and DNS attacks can result in catastrophic network and system failure.
APTs are increasingly becoming more sophisticated and use DNS to communicate with command and control servers, making it harder to detect with traditional tools. In addition to this, DNS is increasingly becoming a pathway for data exfiltration, thereby leaving your sensitive information exposed.
Infoblox is able to seamlessly integrate with leading security solutions, to enable contextual sharing of threat intelligence and automation of response workflows, providing better protection against evolving threats such as:
Date: 1st April, Friday
Time: 9.00am - 1.30pm
Suntec Convention Centre
1 Raffles Boulevard Suntec City
Level 3, MR 333
(Click here for map direction)
Brought to you by:
Craig Sanderson - Senior Director, Product Management (Security)
Craig Sanderson has worked in the IT security industry for 17 years, consulting for Cisco in the UK and Europe as well as having roles in solution architecture, product management and business development. Craig specialized in IP Voice and Video security but has a broad range of experience in network security ranging from VPN, Firewall, IPS to network admission control and DDOS mitigation. He is now the senior director of product management for Infoblox’s security products
Topic: Securing DNS and Enabling a Threat Intelligence Architecture with Infoblox
Philip Parker – Technical Marketing Engineer
Philip Parker has been in networking and IT for over 20 years, including positions at Cisco and Stratacom. He has been with Infoblox for 5 years where he is now the Senior Technical Marketing Engineer specializing in DNS security. Philip is our resident technical expert in how to exploit DNS for exfiltrating data out of networks, as well as how to prevent such attacks.
Topic: DNS Tunnelling, Data Exfiltration and how to prevent data breaches over DNS
David Hoelzer – Sans Instructor
David Hoelzer is a high-scoring SANS Fellow instructor and author of more than twenty sections of SANS courseware. He is an expert in a variety of information security fields, having served in most major roles in the IT and security industries over the past twenty-five years. Recently, David was called upon to serve as an expert witness for the Federal Trade Commission for ground-breaking GLBA Privacy Rule litigation. David has been highly involved in governance at SANS Technology Institute, serving as a member of the Curriculum Committee as well as Audit Curriculum Lead.
David has trained security professionals from organizations including NSA, DHHS, Fortune 500 security engineers and managers, various Department of Defense sites, national laboratories, and many colleges and universities. David is a research fellow in the Center for Cybermedia Research and also a research fellow for the Identity Theft and Financial Fraud Research Operations Center (ITFF/ROC). He also is an adjunct research associate of the UNLV Cybermedia Research Lab and a research fellow with the Internet Forensics Lab.
David has written and contributed to more than 15 peer reviewed books, publications, and journal articles. Currently, David serves as the principal examiner and director of research for Enclave Forensics, a New York/Las Vegas based incident response and forensics company. He also serves as the chief information security officer for Cyber-Defense, an open source security software solution provider. In the past, David served as the director of the GIAC Certification program, bringing the GIAC Security Expert certification to life.
About the Infoblox
Infoblox (NYSE:BLOX) delivers critical network services that protect Domain Name System (DNS) infrastructure, automate cloud deployments, and increase the reliability of enterprise and service provider networks around the world. As the industry leader in DNS, DHCP, and IP address management, the category known as DDI, Infoblox reduces the risk and complexity of networking.Our solutions automate network-control functions to reduce costs and maximize uptime, and they protect against the rising flood of malware and distributed-denial-of-service DDoS attacks. From discovery, configuration, and compliance to DNS, DHCP, and IP address management, our technology automates and simplifies complex processes. Our patented Infoblox Grid™ delivers high availability and provides an authoritative network database for real-time and historical reporting. And our purpose-built DNS security solutions defend against a wider range of threats than any other product available.
About the SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted, and by far the largest source for world-class information security training and security certification in the world offering over 50 training courses. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 25 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; and it operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. (www.SANS.org)
To learn more about SANS Cyber Security and Digital Forensics, and Secure Software Development training in Singapore, email us at AsiaPacific@sans.org