Webcast – Are Beacons Evil?
March 3 @ 2:00 pm - 3:00 pm EST
We all know that beacons – regular connections between systems – are commonly used to carry instructions and data in a command and control channel. But that raises an interesting question; are Beacons always malicious?
In this presentation by Active Countermeasures’, Keith Chew, & Bill Stearns, we’ll look at the Threat types normally associated with command and control traffic and see how legitimate application traffic can show up. We’ll go over the types of traffic and how to identify and whitelist them.
Join the THREAT HUNTING COMMUNITY Discord Server to engage with the presenters and your fellow attendees during the webcast: https://discord.gg/dnmvXkz
Interested in threat hunting tools? Check out AC-Hunter
Active Countermeasures is passionate about providing quality, educational content for the Infosec and Threat Hunting community. We appreciate your feedback so we can keep providing the type of content the community wants to see. Please feel free to Email Us with your ideas!
Bill has authored numerous articles and tools for client use. He also serves as a content author and faculty member at the SANS Institute, teaching the Linux System Administration, Perimeter Protection, Securing Linux and Unix, and Intrusion Detection tracks. Bill’s background is in network and operating system security; he was the chief architect of one commercial and two open source firewalls and is an active contributor to multiple projects in the Linux development effort. Bill’s articles and tools can be found in online journals and at http://github.com/activecm/ and http://www.stearns.org.