Domain Hygiene as a Predictor of Badness
|
|
- Jack Young
- 8 years ago
- Views:
Transcription
1 Domain Hygiene as a Predictor of Badness Tim Helming Director, Product Management DomainTools Your Presenter Director of Product Management (aka the roadmap guy ) Over 13 years in cybersecurity Passionate about fighting the good fight! 2
2 Contents Meet your Presenter The Hypothesis Examples of good and bad hygiene Algorithms for predictive reputation scoring Test methodology and findings Future directions Q&A 3 Your Presenter s Employer Started by domainers as a(nother) Whois lookup site Added a few unique twists Maintained historical DB of information Went beyond canonical Whois data Built research tools atop all of this Today: it s not just for domainers any more. Lots of cybersleuths use it. 4
3 The Hypothesis Malicious domains are not set up the same way as legitimate ones much like physical dens of crime are not (usually) very similar to legit businesses Many of the characteristics that distinguish the legit from the illegit are visible in the public record These characteristics can be used to characterize domains and registrants This can help predict badness of domains before they strike or even before they re registered 5 How Might We Use Hygiene Information? Add a dimension to existing reputation scoring Assign a higher risk profile to unhygienic domains Help prioritize attribution/investigation targets when potential targets abound 6
4 Bolstering Reputation Feeds Traditional Reputation Feeds Tend to be malware focused (not always) Often require the domain to show badness, i.e. hurt victims, before listing them Ignore registrant as a vector of risk, and registration details as a marker of risk 7 Bolstering Reputation Feeds A Hygiene-Aware Reputation Feed Could raise risk profile of domains that have not otherwise implicated themselves Could predictively raise risk profile of domains as they come online (conceptually before they come online) via registrant reputation 8
5 Does Your Domain Have Good Hygiene? What does the public record (OSINT) tell us? Markers of Legitimate Commercial Domains Linguistic Coherence MX Record (most businesses use ) Valid Physical Address Valid Phone Number Age (yes, we re practicing ageism but unlike the other markers, this one is self-healing!) 9 Does That Domain Have Bad Hygiene? What does the public record (OSINT) tell us? Markers of Illegitimate Domains Linguistic incoherence of domain name, registrant name/ Lack of mail servers Lack of web presence Irrational/invalid Physical Address Irrational/invalid Phone Numbers 10
6 And now To the Science! 11 Methodology 1.0 We started with the easy stuff Built three corpuses of domains: Legitimate domains (a random selection of businesses and nonprofits, and Alexa top-ranked sites) Unknown (a truly random set with no qualifications) Bad (a random selection from reputable malware/spam/phishing classification providers) And we compared their hygiene characteristics 12
7 Scoring 1.0 Criterion (range) Low Risk Medium Risk High Risk Linguistic Coherence (0-2) 0=domain name makes sense linguistically (including acronyms/abbreviations) 1=Questionable. High entropy but can pass the "squint test." 2=Incoherent Age (0-2) 0=>45 days 1=7-45 days 2=<7 days MX Record (0-1) 0=has MX record 1=no MX record Web Server (0-1) 0=has Web server 1=no server Physical Address Coherence (0-2) Phone # Coherence (0-2) 0=valid address 1=indeterminate or partial 2=invalid address 0=valid phone number 1=indeterminate or partial 2=not a valid phone number Scores were composites of these 13 Results: Test Corpuses 1.0 Alexa Top Domains Unknown Malware Spam Phishing Why is malware in the middle? Likely reflects the combination of pwned and evil sites (pwned ones would in many cases have good hygiene, evil ones, not so much) 14
8 Methodology 2.0 Okay, that was the easy stuff Now for more rigor. 15 Methodology 2.0 Using AI to assess entropy in Whois record fields All random sampling rather than hand-picked corpuses Spot checks comparing high score (high badness) vs low score domains Do new bad domains show up on malware lists? 16
9 Methodology 2.0 Using AI to classify threats based on Whois Step 1: Measurements on each record Linguistic analysis of domain names, and other text based Whois data fields Frequency of linguistically rational bigrams Letter, number, symbol, vowel ratios 17 Methodology 2.0 More AI to classify threats based on Whois Step 1 (cont d): Measurements on each record Analysis of contacts information Impossible names (entropy) Improbable names ( Donald Duck ) Impossible phone numbers Improbable region words (e.g. Alabama in France) Bad postal codes Throwaway domains in contact s Generic domains in contact s 18
10 Methodology 2.0 More AI to classify threats based on Whois Step 1 (cont d): Measurements on each record Domain names matching hash patterns (md5/ sha) Privacy protection (and similar) Registration duration and age Indicators of data completeness 19 Methodology 2.0 Various domain / Whois hygiene indicators into AI Unsupervised Classification (e.g. k-means) Find ~15 classes of domains with similar scores in the hygiene space Look at counts of threats (spam, botnet, etc) in each class Supervised Classification (e.g. random forests) Fit a model to a blacklist and predict blacklists of future Calibration Step: Exploratory Stats Summarize domain hygiene data to better design classifiers 20
11 Results 2.0: Ranking of Type by Score Some Results from AI Scoring Ranking by Type, based on length and entropy 1. Botnet (longest, highest entropy) 2. Malware 3. Phishing 4. Spam 5. Not a Known Threat (shortest, lowest entropy) Each parameter (length, entropy) gave the same ranking 21 Close-Up: Relative Entropy by Type How do different types of domains compare by domain name entropy? 22
12 Close-Up: Relative Length by Type How do different types of domains compare by domain name length? 23 Zooming Back Out Some Practical Considerations 24
13 A word about false positives Reputation scoring is not blacklisting More like actuarial risk scoring Hygiene is correlated with, but not deterministically attached to, legitimacy One (or two) higher-risk attributes do not sink a domain However. 25 A word about false positives Hygiene-based false positives behave differently They are low-risk FPs Some such domains will be assigned high risk scores when they aren t hosting malware, but Does anyone really need to visit 829fh92-s8s.com IOW, they are very unlikely to be legit Ergo, FPs based on hygiene scoring aren t so likely to be an IT headache 26
14 Using Hygiene Analysis Today You can use this approach in investigations today (modulo scale) As a filtering connection method: signal: given given a pool a pool of of suspicious domains which domains, may or may examine not be Whois linked, records: do they have do they common pass the bogon sniff test? registrant (Parsed info? records Or, does make a given this easier) bogon registrant Focus on hold the bogon more than ones the first one domain you started looking at? 27 Using Hygiene Analysis Today and, you can use it as a defense mechanism, albeit manually Identify registrants of evil domains (it doesn t matter if the info is bogus, as long as you ve got the same registrant) Do reverse lookups of these registrants to see if they own other domains you ve not seen Add the other domains to blacklists, sinkholes, or other configuration inputs 28
15 Future Directions Iterate, refine, improve Watch for registration trends that could affect the AI algs or suggest new ones Integrate with our other branch of reputation tech ( proximity to badness ) Keep exploring 29 Your Turn Q & A 30
16 DomainTools says Thank You! 31
Defending Networks with Incomplete Information: A Machine Learning Approach. Alexandre Pinto alexcp@mlsecproject.org @alexcpsec @MLSecProject
Defending Networks with Incomplete Information: A Machine Learning Approach Alexandre Pinto alexcp@mlsecproject.org @alexcpsec @MLSecProject Agenda Security Monitoring: We are doing it wrong Machine Learning
More informationKnow Your Foe. Threat Infrastructure Analysis Pitfalls
Know Your Foe Threat Infrastructure Analysis Pitfalls Who Are We? Founders of PassiveTotal Analysts/researchers with 10+ years of collective experience Interested in Better UX/UI for security systems Improving/re-thinking
More informationWhen Reputation is Not Enough: Barracuda Spam Firewall Predictive Sender Profiling. White Paper
When Reputation is Not Enough: Barracuda Spam Firewall Predictive Sender Profiling White Paper As spam continues to evolve, Barracuda Networks remains committed to providing the highest level of protection
More informationEVILSEED: A Guided Approach to Finding Malicious Web Pages
+ EVILSEED: A Guided Approach to Finding Malicious Web Pages Presented by: Alaa Hassan Supervised by: Dr. Tom Chothia + Outline Introduction Introducing EVILSEED. EVILSEED Architecture. Effectiveness of
More informationWhose IP Is It Anyways: Tales of IP Reputation Failures
Whose IP Is It Anyways: Tales of IP Reputation Failures SESSION ID: SPO-T07 Michael Hamelin Lead X-Force Security Architect IBM Security Systems @HackerJoe What is reputation? 2 House banners tell a story
More informationAnti Spam Best Practices
53 Anti Spam Best Practices Anti Spam LIVE Service: Zero-Hour Protection An IceWarp White Paper October 2008 www.icewarp.com 54 Background As discussed in the IceWarp white paper entitled, Anti Spam Engine:
More informationBig Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data
Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data Patrick Gardner VP Engineering Sourabh Satish Distinguished Engineer Symantec Vision 2014 - Big Data
More informationWhen Reputation is Not Enough: Barracuda Spam & Virus Firewall Predictive Sender Profiling
When Reputation is Not Enough: Barracuda Spam & Virus Firewall Predictive Sender Profiling As spam continues to evolve, Barracuda Networks remains committed to providing the highest level of protection
More informationThreat Intelligence is Dead. Long Live Threat Intelligence!
SESSION ID: STR-R02 Threat Intelligence is Dead. Long Live Threat Intelligence! Mark Orlando Director of Cyber Operations Foreground Security Background Threat Intelligence is Dead. Long Live Threat Intelligence!
More informationSecurity Intelligence Blacklisting
The following topics provide an overview of Security Intelligence, including use for blacklisting and whitelisting traffic and basic configuration. Security Intelligence Basics, page 1 Security Intelligence
More informationZero day attacks anatomy & countermeasures. By Cade Zvavanjanja Cybersecurity Strategist
Zero day attacks anatomy & countermeasures By Cade Zvavanjanja Cybersecurity Strategist Question? How do you secure against something Your security system can t capture, your experts don t know, your vendors
More informationescan Anti-Spam White Paper
escan Anti-Spam White Paper Document Version (esnas 14.0.0.1) Creation Date: 19 th Feb, 2013 Preface The purpose of this document is to discuss issues and problems associated with spam email, describe
More informationState of the Web 2015: Vulnerability Report. March 2015. 2015 Menlo Security Alright Reserved
State of the Web 2015: Vulnerability Report March 2015 Motivation In February 2015, security researchers http://www.isightpartners.com/2015/02/codoso/ reported that Forbes.com had been hacked. The duration
More informationReputation based Security. Vijay Seshadri Zulfikar Ramzan Carey Nachenberg
Reputation based Security Vijay Seshadri Zulfikar Ramzan Carey Nachenberg Agenda Reputation Based Security The Problem Reputation Concept Implementing Reputation Deploying Reputation Conclusion 2 The Problem
More informationSPAM, VIRUSES AND PHISHING, OH MY! Michael Starks, CISSP, CISA ISSA Fellow 10/08/2015
SPAM, VIRUSES AND PHISHING, OH MY! Michael Starks, CISSP, CISA ISSA Fellow 10/08/2015 The Usual Players Indebtedness for driving on toll road Transaction receipts Notice to appear Major and Emerging Trends
More informationHow To Filter Email From A Spam Filter
Spam Filtering A WORD TO THE WISE WHITE PAPER BY LAURA ATKINS, CO- FOUNDER 2 Introduction Spam filtering is a catch- all term that describes the steps that happen to an email between a sender and a receiver
More informationWhat Spammers Don t Want You To Know About Permanently Blocking Their Vicious E-mails
2000 Linwood Ave Suite 19J Fort Lee, NJ 07024-3012 What Spammers Don t Want You To Know About Permanently Blocking Their Vicious E-mails Following Last Year s Hack Attack At Epsilon, You May Be Overwhelmed
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationIndicator Expansion Techniques Tracking Cyber Threats via DNS and Netflow Analysis
Indicator Expansion Techniques Tracking Cyber Threats via DNS and Netflow Analysis United States Computer Emergency Readiness Team (US-CERT) Detection and Analysis January 2011 Background As the number
More informationCommtouch RPD Technology. Network Based Protection Against Email-Borne Threats
Network Based Protection Against Email-Borne Threats Fighting Spam, Phishing and Malware Spam, phishing and email-borne malware such as viruses and worms are most often released in large quantities in
More informationSoftware Engineering 4C03 SPAM
Software Engineering 4C03 SPAM Introduction As the commercialization of the Internet continues, unsolicited bulk email has reached epidemic proportions as more and more marketers turn to bulk email as
More informationThey Did What?!? How Your End Users Are Putting You At Risk
They Did What?!? How Your End Users Are Putting You At Risk SESSION ID: HT-F02 Mike Seifert CISSP, CISA, CIPP, CISM, CGEIT Vice President Enterprise Risk & Resilience Fiserv New/future jobs Cloud Services
More informationRemoving Web Spam Links from Search Engine Results
Removing Web Spam Links from Search Engine Results Manuel EGELE pizzaman@iseclab.org, 1 Overview Search Engine Optimization and definition of web spam Motivation Approach Inferring importance of features
More informationVIRUS TRACKER CHALLENGES OF RUNNING A LARGE SCALE SINKHOLE OPERATION
VIRUS TRACKER CHALLENGES OF RUNNING A LARGE SCALE SINKHOLE OPERATION Kleissner & Associates Botconf 14, 3-5 Dec 2014, Nancy/France Worlds largest botnet monitoring system Since September 2012 Originally
More informationCYBERSECURITY INESTIGATION AND ANALYSIS
CYBERSECURITY INESTIGATION AND ANALYSIS The New Crime of the Digital Age The Internet is not just the hotspot of all things digital and technical. Because of the conveniences of the Internet and its accessibility,
More informationOverview An Evolution. Improving Trust, Confidence & Safety working together to fight the e-mail beast. Microsoft's online safety strategy
Overview An Evolution Improving Trust, Confidence & Safety working together to fight the e-mail beast Holistic strategy Prescriptive guidance and user education, collaboration & technology Evolution of
More informationSIMPLE STEPS TO AVOID SPAM FILTERS EMAIL DELIVERABILITY SUCCESS GUIDE
SIMPLE STEPS TO AVOID SPAM FILTERS SECTION 1 UNDERSTANDING THE BASICS Marketing emails account for most this is spam complaints, 70% in fact, which explains the scrutiny some marketers see applied to their
More informationMore Details About Your Spam Digest & Dashboard
TABLE OF CONTENTS The Spam Digest What is the Spam Digest? What do I do with the Spam Digest? How do I view a message listed in the Spam Digest list? How do I release a message from the Spam Digest? How
More informationESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved.
ESG Brief Webroot Delivers Enterprise-Class Threat Intelligence to Security Technology Providers and Large Organizations Date: September 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore,
More informationWHITE PAPER: THREAT INTELLIGENCE RANKING
WHITE PAPER: THREAT INTELLIGENCE RANKING SEPTEMBER 2015 2 HOW WELL DO YOU KNOW YOUR THREAT DATA? HOW THREAT INTELLIGENCE FEED MODELING CAN SAVE MONEY AND PREVENT BREACHES Who are the bad guys? What makes
More informationContext Adaptive Scanning Engine: Protecting Against the Broadest Range of Blended Threats
Context Adaptive Scanning Engine: Protecting Against the Broadest Range of Blended Threats W h i t e P a p e r Executive Summary The email and Web security problem can no longer be addressed by point solutions
More informationCymon.io. Open Threat Intelligence. 29 October 2015 Copyright 2015 esentire, Inc. 1
Cymon.io Open Threat Intelligence 29 October 2015 Copyright 2015 esentire, Inc. 1 #> whoami» Roy Firestein» Senior Consultant» Doing Research & Development» Other work include:» docping.me» threatlab.io
More informationWEBSENSE EMAIL SECURITY SOLUTIONS OVERVIEW
WEBSENSE EMAIL SECURITY SOLUTIONS OVERVIEW Challenge The nature of email threats has changed over the past few years. Gone are the days when email security, better known as anti-spam, was primarily tasked
More informationAbused Internet Domain Registration Analysis for Calculating Risk and Mitigating Malicious Activity
2012 Abused Internet Domain Registration Analysis for Calculating Risk and Mitigating Malicious Activity KnujOn.com LLC Brief Version 2/18/2012 Promising Research KnujOn.com LLC is proud to release this
More information1. Introduction...3 2. Email Deliverability-Benchmarks...4 2.1. Working with Your Service Provider...4 2.2. Email sent...4 2.3. Email delivered...
1. Introduction...3 2. Email Deliverability-Benchmarks...4 2.1. Working with Your Service Provider...4 2.2. Email sent...4 2.3. Email delivered...4 2.4. Bounces....4 2.5. Email unsubscribe requests....5
More informationPineApp Anti IP Blacklisting
PineApp Anti IP Blacklisting Whitepaper 2011 Overview ISPs outbound SMTP Services Individual SMTP relay, not server based (no specific protection solutions are stated between the sender and the ISP backbone)
More informationContent Filters A WORD TO THE WISE WHITE PAPER BY LAURA ATKINS, CO- FOUNDER
Content Filters A WORD TO THE WISE WHITE PAPER BY LAURA ATKINS, CO- FOUNDER CONTENT FILTERS 2 Introduction Content- based filters are a key method for many ISPs and corporations to filter incoming email..
More informationIt s not a matter of if but when. Actionable Threat Intelligence, Accelerated Response
It s not a matter of if but when Actionable Threat Intelligence, Accelerated Response Rapid Advanced Detection and Response (RADAR), is a managed information security service, offering comprehensive security
More informationSocial Media Mining. Data Mining Essentials
Introduction Data production rate has been increased dramatically (Big Data) and we are able store much more data than before E.g., purchase data, social media data, mobile phone data Businesses and customers
More informationDomain Name Abuse Detection. Liming Wang
Domain Name Abuse Detection Liming Wang Outline 1 Domain Name Abuse Work Overview 2 Anti-phishing Research Work 3 Chinese Domain Similarity Detection 4 Other Abuse detection ti 5 System Information 2 Why?
More informationWE KNOW IT BEFORE YOU DO: PREDICTING MALICIOUS DOMAINS Wei Xu, Kyle Sanders & Yanxin Zhang Palo Alto Networks, Inc., USA
WE KNOW IT BEFORE YOU DO: PREDICTING MALICIOUS DOMAINS Wei Xu, Kyle Sanders & Yanxin Zhang Palo Alto Networks, Inc., USA Email {wei.xu, ksanders, yzhang}@ paloaltonetworks.com ABSTRACT Malicious domains
More informationeprism Email Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide
eprism Email Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide This guide is designed to help the administrator configure the eprism Intercept Anti-Spam engine to provide a strong spam protection
More informationUser Documentation Web Traffic Security. University of Stavanger
User Documentation Web Traffic Security University of Stavanger Table of content User Documentation... 1 Web Traffic Security... 1 University of Stavanger... 1 UiS Web Traffic Security... 3 Background...
More informationRecurrent Patterns Detection Technology. White Paper
SeCure your Network Recurrent Patterns Detection Technology White Paper January, 2007 Powered by RPD Technology Network Based Protection against Email-Borne Threats Spam, Phishing and email-borne Malware
More informationIntegrating MSS, SEP and NGFW to catch targeted APTs
#SymVisionEmea #SymVisionEmea Integrating MSS, SEP and NGFW to catch targeted APTs Tom Davison Information Security Practice Manager, UK&I Antonio Forzieri EMEA Solution Lead, Cyber Security 2 Information
More informationSECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION
SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION How ThreatBLADES add real-time threat scanning and alerting to the Analytics Platform INTRODUCTION: analytics solutions have become an essential weapon
More informationFireEye Email Threat Prevention Cloud Evaluation
Evaluation Prepared for FireEye June 9, 2015 Tested by ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg, PA 17050 www.icsalabs.com Table of Contents Executive Summary... 1 Introduction... 1 About
More informationProtect Your Brand Investment with. Brand Monitoring. from DomainTools DOMAINTOOLS SOLUTION BRIEF WWW.DOMAINTOOLS.COM WWW.DOMAINTOOLS.
1 Protect Your Brand Investment with Brand Monitoring from DomainTools DOMAINTOOLS SOLUTION BRIEF 2 INTRODUCTION: A BRAVE NEW BRANDED WORLD Apple, Coca- Cola, Louis Vuitton. According to a recent report
More informationPurchase College Barracuda Anti-Spam Firewall User s Guide
Purchase College Barracuda Anti-Spam Firewall User s Guide What is a Barracuda Anti-Spam Firewall? Computing and Telecommunications Services (CTS) has implemented a new Barracuda Anti-Spam Firewall to
More informationProtect Yourself. Who is asking? What information are they asking for? Why do they need it?
Protect Yourself Your home computer serves many purposes: email, shopping, social networking and more. As you surf the Internet, you should be aware of the various ways to protect yourself. Of primary
More informationwww.pandasecurity.com 100% Malware-Free E-mail: A Guaranteed Approach
100% Malware-Free E-mail: A Guaranteed Approach 2 100% Malware-Free E-mail: A Guaranteed Approach Panda Security's Mail Filtering Managed Service Guarantees Clean E-mail Table of Contents Table of Contents...
More informationApplying Machine Learning to Network Security Monitoring. Alex Pinto Chief Data Scien2st MLSec Project @alexcpsec @MLSecProject!
Applying Machine Learning to Network Security Monitoring Alex Pinto Chief Data Scien2st MLSec Project @alexcpsec @MLSecProject! whoami Almost 15 years in Informa2on Security, done a licle bit of everything.
More informationEMAIL SECURITY S INSIDER SECRETS
EMAIL SECURITY S INSIDER SECRETS There s more to email security than spam block rates. Antivirus software has kicked the can. Don t believe it? Even Bryan Dye, Symantec s senior vice president for information
More informationCybersecurity: An Innovative Approach to Advanced Persistent Threats
Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used
More informationBridging the gap between COTS tool alerting and raw data analysis
Article Bridging the gap between COTS tool alerting and raw data analysis An article on how the use of metadata in cybersecurity solutions raises the situational awareness of network activity, leading
More informationThreat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research
Threat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research 2 3 6 7 9 9 Issue 1 Welcome From the Gartner Files Definition:
More informationMachine Learning Final Project Spam Email Filtering
Machine Learning Final Project Spam Email Filtering March 2013 Shahar Yifrah Guy Lev Table of Content 1. OVERVIEW... 3 2. DATASET... 3 2.1 SOURCE... 3 2.2 CREATION OF TRAINING AND TEST SETS... 4 2.3 FEATURE
More informationSENIORS ONLINE SECURITY
SENIORS ONLINE SECURITY Seniors Online Security Five Distinct Areas Computer security Identity crime Social networking Fraudulent emails Internet banking 1 Computer security 2 There are several ways that
More informationSafer Internet Day Quiz
Safer Internet Day Quiz Safer Internet Day 2014 is all about helping to create a better internet together. But do you make good decisions online? Test your internet safety knowledge by taking our Safer
More informationEnhanced Spam Defence
Enhanced Spam Defence An approach to making SMTP connect time blocking a reliable method for e-mail filtering By John Jensen, Topsec Technology Ltd. As the spam problem keeps growing and the associated
More informationHow to show up in local searches.
autorevo.com 2014 Guide #09 How to show up in local searches. a Local SEO guide by AutoRevo. Can people really find your website? Does your dealership show up on the first page of search results? There
More informationReduce Your Network's Attack Surface
WHITE PAPER Reduce Your Network's Attack Surface Ixia's ThreatARMOR Frees Up Security Resources and Personnel The Threat Landscape When you re dealing with network security, one of the primary measurements
More informationEmail Reputation Metrics Troubleshooter. Share it!
Email Reputation Metrics Troubleshooter page: 1 Email Reputation Metrics Troubleshooter Written By Dale Langley Dale has been working with clients to improve their email deliverability and response rates,
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationEvaluating DMARC Effectiveness for the Financial Services Industry
Evaluating DMARC Effectiveness for the Financial Services Industry by Robert Holmes General Manager, Email Fraud Protection Return Path Executive Summary Email spoofing steadily increases annually. DMARC
More informationIT Sicherheit im Web 2.0 Zeitalter
IT Sicherheit im Web 2.0 Zeitalter Dirk Beste Consulting System Engineer 1 IT Sicherheit im Web 2.0 Zeitalter Cisco SIO und Global Threat Correlation Nach dem Webinar sollte der Zuhörer in der Lage sein:
More informationEECS 588: Computer and Network Security. Introduction January 14, 2014
EECS 588: Computer and Network Security Introduction January 14, 2014 Today s Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade
More informationWhen Reputation is Not Enough. Barracuda Email Security Gateway s Predictive Sender Profiling. White Paper
When Reputation is Not Enough Barracuda Email Security Gateway s Predictive Sender Profiling White Paper As spam continues to evolve, Barracuda Networks remains committed to providing the highest level
More informationLASTLINE WHITEPAPER. Using Passive DNS Analysis to Automatically Detect Malicious Domains
LASTLINE WHITEPAPER Using Passive DNS Analysis to Automatically Detect Malicious Domains Abstract The domain name service (DNS) plays an important role in the operation of the Internet, providing a two-way
More informationNew DNS Traffic Analysis Techniques to Identify Global Internet Threats. Dhia Mahjoub and Thomas Mathew January 12 th, 2016
New DNS Traffic Analysis Techniques to Identify Global Internet Threats Dhia Mahjoub and Thomas Mathew January 12 th, 2016 1 Dhia Mahjoub Technical Leader at OpenDNS PhD Graph Theory Applied on Sensor
More informationOverconfident Employees and the Lack of Email Security Tools Lead to Risky Business
White Paper Overconfident Employees and the Lack of Email Security Tools Lead to Risky Business A SilverSky Survey of Email Security Habits SilverSky 440 Wheelers Farms Road Suite 202 Milford CT 06461
More informationF-Secure Internet Security 2014 Data Transfer Declaration
F-Secure Internet Security 2014 Data Transfer Declaration The product s impact on privacy and bandwidth usage F-Secure Corporation April 15 th 2014 Table of Contents Version history... 3 Abstract... 3
More informationAccess Control Rules: URL Filtering
The following topics describe how to configure URL filtering for your Firepower System: URL Filtering and Access Control, page 1 Reputation-Based URL Filtering, page 2 Manual URL Filtering, page 5 Limitations
More informationClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014
1 ClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014 About the Presenters Ms. Irene Selia, Product Manager, ClearSkies SecaaS SIEM Contact: iselia@odysseyconsultants.com,
More informationZscaler Internet Security Frequently Asked Questions
Zscaler Internet Security Frequently Asked Questions 1 Technical FAQ PRODUCT LICENSING & PRICING How is Zscaler Internet Security Zscaler Internet Security is licensed on number of Cradlepoint devices
More informationE-MAIL FILTERING FAQ
V8.3 E-MAIL FILTERING FAQ COLTON.COM Why? Why are we switching from Postini? The Postini product and service was acquired by Google in 2007. In 2011 Google announced it would discontinue Postini. Replacement:
More informationBig Data and Cyber Security A bibliometric study Jacky Akoka, Isabelle Comyn-Wattiau, Nabil Laoufi Workshop SCBC - 2015 (ER 2015) 1 Big Data a new generation of technologies and architectures, designed
More informationDST EMAIL. Product FAQs. Thank you for using our products. DST UK www.dstsystems.co.uk
EFFECTIVE PERSONALISED PRINT AND E-COMMUNICATION SOLUTIONS DESIGNED WITH YOU IN MIND DSTSYSTEMS.CO.UK DST EMAIL Product FAQs version 01 Thank you for using our products. DST UK www.dstsystems.co.uk DST
More informationSecure Because Math: Understanding ML- based Security Products (#SecureBecauseMath)
Secure Because Math: Understanding ML- based Security Products (#SecureBecauseMath) Alex Pinto Chief Data Scientist Niddel / MLSec Project @alexcpsec @MLSecProject @NiddelCorp MLSec Project / Niddel MLSec
More informationA White Paper. VerticalResponse, Email Delivery and You A Handy Guide. VerticalResponse,Inc. 501 2nd Street, Suite 700 San Francisco, CA 94107
A White Paper VerticalResponse, Email Delivery and You Delivering email seems pretty straightforward, right? You upload a mailing list, create an email, hit send, and then mighty wizards transport that
More informationSymantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team
Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................
More informationQuality Over Quantity
Presented by Rod Rasmussen June 16, 2015 FIRST Conference, Berlin Quality Over Quantity CUTTING THROUGH CYBERTHREAT INTELLIGENCE NOISE Rod Rasmussen IID founder, CTO Co-chair Anti- Phishing Working Group
More informationThe What, Why, and How of Email Authentication
The What, Why, and How of Email Authentication by Ellen Siegel: Director of Technology and Standards, Constant Contact There has been much discussion lately in the media, in blogs, and at trade conferences
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationEmail Correlation and Phishing
A Trend Micro Research Paper Email Correlation and Phishing How Big Data Analytics Identifies Malicious Messages RungChi Chen Contents Introduction... 3 Phishing in 2013... 3 The State of Email Authentication...
More informationSHARE THIS WHITEPAPER. On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper
SHARE THIS WHITEPAPER On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper Table of Contents Overview... 3 Current Attacks Landscape: DDoS is Becoming Mainstream... 3 Attackers Launch
More informationQuarantined Messages 5 What are quarantined messages? 5 What username and password do I use to access my quarantined messages? 5
Contents Paul Bunyan Net Email Filter 1 What is the Paul Bunyan Net Email Filter? 1 How do I get to the Email Filter? 1 How do I release a message from the Email Filter? 1 How do I delete messages listed
More informationHPL Barracuda Spam/Virus Firewall
HPL Barracuda Spam/Virus Firewall The Barracuda Spam/Virus Firewall has been deployed behind the HPL Campus Firewall. Its mission is to scan incoming and outgoing mail for known spam and viruses in the
More informationDon t Click That Link and other security tips. Laura Perry Jennifer Speegle Mike Trice
Don t Click That Link and other security tips Laura Perry Jennifer Speegle Mike Trice About Us Laura Perry Information Security Jennifer Speegle Firewall Administrator Mike Trice Network Engineer Mail
More informationWe Know It Before You Do: Predicting Malicious Domains
We Know It Before You Do: Predicting Malicious Domains Abstract Malicious domains play an important role in many attack schemes. From distributing malware to hosting command and control (C&C) servers and
More informationCisco Security Intelligence Operations
Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,
More informationCollateral Damage. Consequences of Spam and Virus Filtering for the E-Mail System. Peter Eisentraut 22C3. credativ GmbH.
Consequences of Spam and Virus Filtering for the E-Mail System 22C3 Introduction 12 years of spam... 24 years of SMTP... Things have changed: SMTP is no longer enough. Spam filters, virus filters are part
More informationEight Essential Elements for Effective Threat Intelligence Management May 2015
INTRODUCTION The most disruptive change to the IT security industry was ignited February 18, 2013 when a breach response company published the first research that pinned responsibility for Advanced Persistent
More informationThe Latest Internet Threats to Affect Your Organisation. Tom Gillis SVP Worldwide Marketing IronPort Systems, Inc.
The Latest Internet Threats to Affect Your Organisation Tom Gillis SVP Worldwide Marketing IronPort Systems, Inc. Agenda Spam Trends Staying Ahead Blended Threats Spam Trends What Do Dick Cheney & Bill
More informationHow To Ensure Your Email Is Delivered
Everything You Need to Know About Delivering Email through Your Web Application SECTION 1 The Most Important Fact about Email: Delivery is Never Guaranteed Email is the backbone of the social web, making
More informationHow to minimize SPAM in your CBPref.com Inbox
How to minimize SPAM in your CBPref.com Inbox By Jason K. Serafin As I travel through our Coldwell Banker Preferred branch offices, I hear many agents ask me the same question over and over: What can we
More informationINinbox Start-up Pack
2 INspired Email Marketing This is what you should know about sending emails through INinbox and how to get started! Thanks for joining INinbox. choice. You ve made a great In front of you, you find the
More informationAnglia IT Solutions Managed Anti-SPAM
By Appointment to Her Majesty The Queen Supplier of IT Products and Support Anglia IT Solutions Limited Swaffham Anglia IT Solutions Managed Anti-SPAM A Simple Guide All Rights Reserved. This document
More informationGFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall
GFI Product Comparison GFI MailEssentials vs Barracuda Spam Firewall GFI MailEssentials Barracuda Spam Firewall Integrates closely with Microsoft Exchange Server 2003/2007/2010 Integrates closely with
More informationeprism Email Security Suite
FAQ V8.3 eprism Email Security Suite 800-782-3762 www.edgewave.com 2001 2012 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks
More information