Morgan Princing - Censys
"Identifying Security Risks Using Internet-Wide Scan Data"
Jan 22, 2020Download: MP4 Video Size: 1.0GB
Watch on YouTube
In this talk, we’ll explore how internet scan data layered with different open-source tools can start to make sense of what is publicly exposed and potentially a threat. Predominantly, we’ll focus on three investigations:
1. how to find attacker infrastructure, using IOCs from MITRE and Web Application Logs
2. how to identify trends in common misconfigurations and vulnerabilities
3. how to find assets related to your organization
Throughout the talk, we’ll identify and use risk indicators to find relevant exposed devices. We’ll also touch on historical trends that relate to different types of attacks, security risks that have surfaced in the past year, and what some of the challenges are in identifying rouge assets in the haystack of internet data.