Loading...
Speakers
Rod Rasmussen
VP of Cybersecurity
Infoblox
United States

Biography

Rod Rasmussen, joined Infoblox in 2016 as Infoblox’s VP of Cybersecurity as part of the acquisition of the cybersecurity company IID.  Rod co-founded IID and served for over 10 years as its President & CTO. He is widely recognised as an expert on the abuse of the domain name system by criminals and other malicious actors. Rasmussen is co-chair of the Anti-Phishing Working Group’s (APWG) Internet Policy Committee, and is a member of ICANN's Security and Stability Advisory Committee. Rasmussen is a member of the Online Trust Alliance’s Steering Committee.  He is a Steering Committee member, and has served multiple times as a workgroup co-chair on FCC's Communications Security, Reliability and Interoperability Council (CSRIC). Rasmussen is also a member of M3AAWG, DNS-OARC, and serves as IID's FIRST representative. Rasmussen earned an MBA from the Haas School of Business at UC-Berkeley and holds two bachelor's degrees, in Economics and Computer Science, from the University of Rochester.

Title

State of the Art in Analysing DNS Resolution Data to Expose Malicious Activities

Synopsis

While almost every major organisation in the world is being continuously attacked over the Internet from a wide variety of actors, tools, and methods, the vast majority of them are sitting on a gold mine of data that could expose and thwart those attacks and don’t even know it.  That data is in the very mundane task of resolving names to network addresses known as Domain Name Service (DNS).  This session will explore how to dig data out of your organisation’s DNS queries and responses, find activities like data exfiltration using DNS tunnels, malware activities, and other attacks leveraging the DNS, and provide some thoughts on how to use the organisation’s DNS infrastructure itself to protect from these threats.