Morgan Princing - Censys

Jan 22, 2020

Size: 1.0GB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube

"Identifying Security Risks Using Internet-Wide Scan Data"

Abstract


In this talk, we’ll explore how internet scan data layered with different open-source tools can start to make sense of what is publicly exposed and potentially a threat.  Predominantly, we’ll focus on three investigations:  

1. how to find attacker infrastructure, using IOCs from MITRE and Web Application Logs

2. how to identify trends in common misconfigurations and vulnerabilities

3. how to find assets related to your organization 

Throughout the talk, we’ll identify and use risk indicators to find relevant exposed devices.  We’ll also touch on historical trends that relate to different types of attacks, security risks that have surfaced in the past year, and what some of the challenges are in identifying rouge assets in the haystack of internet data.

About the Speaker

Morgan Princing is a solutions engineer at Censys, focused on identifying trends and tracking threat groups and vulnerabilities using Censys data.  Her career in cybersecurity began in botnet detection, where she worked to protect websites, APIs and mobile apps from bots by detecting anomalies in web traffic and interrogating user-identification systems. Morgan holds a Bachelor of Arts in Economics, Urban Studies from University of Michigan.  Morgan is a 2019 World IT Award Winner for Women in Security.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...

Coming Up!

Our annual security symposium will take place on April 7 & 8, 2020.
Purdue University, West Lafayette, IN

More Information