Overview
Brandon Dixon and Benjamin Powell present the RiskIQ Threat Hunting Workshop. The workshop is divided into two parts. Part one covers Methodologies for Threat Analysis. Part two discusses data sources and reviews specific use cases that highlight RiskIQ's data sets using Threat Infrastructure Analysis methodologies.
Threat Infrastructure Analysis
The attackers' outside perspective enables them to take advantage of your continually expanding web and mobile presence that operates outside of your firewall.
Approaching and interacting with the web and mobile properties as a real user would, RiskIQ technology disarms attackers' evasion techniques, collects user session data, and detects phishing, malware, rogue apps, unwanted content, and domain infringement at scale to deliver actionable, event-based threat alerts and workflows.
As more threat data becomes available, more tools, education, and effort are required by analysts to understand the data sets and their corresponding threats. RiskIQ’s PassiveTotal unifies these efforts by providing a single view into multiple data sources.
YouTube Channel Links
Part One: Introduction and Methodologies
https://www.youtube.com/playlist?list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY
Part Two: Data Sets and Examples
https://www.youtube.com/playlist?list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
Part One
YouTube Video Links:
1 - Methodologies for Threat Analysis - Intro & Threat Analysis Lifecycle
https://www.youtube.com/watch?v=Y-l_cs7snu8&index=1&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY&t=0s
2 - Methodologies for Threat Analysis - You can't avoid the internet
https://www.youtube.com/watch?v=vOxK6763Yog&index=2&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY&t=0s
3 - Methodologies for Threat Analysis - Signals to the rescue
https://www.youtube.com/watch?v=Jgp5D0QCzlo&t=0s&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY&index=3
4 - Methodologies for Threat Analysis - TIA
https://www.youtube.com/watch?v=ot_-G5FBwpg&t=0s&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY&index=4
5 - Methodologies for Threat Analysis - Forming infrastructure chains
https://www.youtube.com/watch?v=2AhMOAZQ0D8&t=0s&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY&index=5
6 - Methodologies for Threat Analysis - Analyzing the layers
https://www.youtube.com/watch?v=_j7hZzVyzNc&t=0s&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY&index=6
7 - Methodologies for Threat Analysis - Caveats to TIA
https://www.youtube.com/watch?v=Rp3fTGjncOw&t=0s&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY&index=7
8 - Methodologies for Threat Analysis - Why apply TIA in your organization
https://www.youtube.com/watch?v=vXwfyIJy2cM&index=7&list=PLgLzPE5LJevb_PcjMYMF2ypjnVcKf8rjY
Part Two
YouTube Video Links:
1 - THW Data Sets - Intro & Account Settings
https://www.youtube.com/watch?v=-eOsN7zLSMg&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&t=0s&index=1
2 - THW Data Sets - Resolutions
https://www.youtube.com/watch?v=k031O6d8LLo&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=1
3 - THW Data Sets - DNS
https://www.youtube.com/watch?v=36O1OKJh95k&index=2&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
4 - THW Data Sets - Subdomains
https://www.youtube.com/watch?v=dHDmNgrr8-8&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=3
5 - THW Data Sets - WHOIS
https://www.youtube.com/watch?v=qGGq4SKOC5o&index=5&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&t=0s
6 - THW Data Sets - Creating Chains
https://www.youtube.com/watch?v=012mLuCKprk&t=15s&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=6
7 - THW Data Sets - Hashes
https://www.youtube.com/watch?v=NJlkCIXrgcg&index=7&t=5s&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
8 - THW Data Sets - OSINT
https://www.youtube.com/watch?v=bno8CFZea5M&index=8&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&t=0s
9 - THW Data Sets - Email Investigation
https://www.youtube.com/watch?v=UYLhGfUsLNA&index=9&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&t=0s
10 - THW Data Sets - Projects
https://www.youtube.com/watch?v=43iIiKcECUM&t=2s&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=10
11 - THW Data Sets - Utilizing Projects in an Investigation
https://www.youtube.com/watch?v=sWrvlH9SSts&index=10&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
12 - THW Data Sets - PDNS & WHOIS Investigation
https://www.youtube.com/watch?v=_LMumtAVePA&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&t=0s&index=12
13 - THW Data Sets - Increasing Signal Collection & How Virtual User Crawler Works
https://www.youtube.com/watch?v=HmefeJU4SWE&t=43s&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=13
14 - THW Data Sets - What is in a website
https://www.youtube.com/watch?v=kWJH4DTKX70&index=14&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&t=11s
15 - THW Data Sets - Operationalizing Crawl Data
https://www.youtube.com/watch?v=_Sei-87Lrn8&t=26s&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=15
16 - THW Data Sets - Certificates
https://www.youtube.com/watch?v=gT32VeQLG2g&index=15&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
17 - THW Data Sets - Trackers
https://www.youtube.com/watch?v=YAjC-ho640g&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=16
18 - THW Data Sets - Increased Visibility
https://www.youtube.com/watch?v=ROhiXWeJ5QE&index=17&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
19 - THW Data Sets - Host Pairs
https://www.youtube.com/watch?v=izUwu9juCHU&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=18
20 - THW Data Sets - Crawl Data Investigation
https://www.youtube.com/watch?v=uceLmvKEReI&index=19&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
21 - THW Data Sets - Components
https://www.youtube.com/watch?v=OBHMuEzPg8o&index=20&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
22 - THW Data Sets - Cookies
https://www.youtube.com/watch?v=xWNrEOb4khw&index=21&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9
23 - THW Data Sets - Domain Artifact Investigation
https://www.youtube.com/watch?v=ZWg5cDxXAR8&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=22
24 - THW Data Sets - Digital Footprint
https://www.youtube.com/watch?v=99B8fLIlm-Y&list=PLgLzPE5LJevYLWdBzPcxZ0ozFjpmHBPN9&index=23