In this talk, we’ll explore how internet scan data layered with different open-source tools can start to make sense of what is publicly exposed and potentially a threat. Predominantly, we’ll focus on three investigations:
1. how to find attacker infrastructure, using IOCs from MITRE and Web Application Logs
2. how to identify trends in common misconfigurations and vulnerabilities
3. how to find assets related to your organization
Throughout the talk, we’ll identify and use risk indicators to find relevant exposed devices. We’ll also touch on historical trends that relate to different types of attacks, security risks that have surfaced in the past year, and what some of the challenges are in identifying rouge assets in the haystack of internet data.
About the Speaker
Morgan Princing is a solutions engineer at Censys, focused on identifying trends and tracking threat groups and vulnerabilities using Censys data. Her career in cybersecurity began in botnet detection, where she worked to protect websites, APIs and mobile apps from bots by detecting anomalies in web traffic and interrogating user-identification systems. Morgan holds a Bachelor of Arts in Economics, Urban Studies from University of Michigan. Morgan is a 2019 World IT Award Winner for Women in Security.