Network Forensic Analysis in an Encrypted World

BSidesLV via YouTube

Overview

Explore network forensic analysis techniques in an encrypted world through this BSidesLV conference talk. Delve into the impact of encryption on network security monitoring, learn how to leverage encrypted traffic metadata, and discover strategies for shifting the balance of power to defenders. Examine hunting techniques, including analyzing asset and request distributions, and send/receive ratios by server name. Investigate the implications of free SSL certificates and their potential for abuse. Gain insights into basic detection and forensics processes, and understand how encryption affects the network security monitoring model. Equip yourself with knowledge to adapt and thrive in an increasingly encrypted digital landscape.

Syllabus

Intro
Justin Warner (@sixdub)
NSM Quadrant
Encryption's Impact on the Quadrant
What this Means for Network Defenders
Encrypted Traffic Metadata
Leverage Encryption as an Advantage to Shift Balance of Power to Defenders
Hunting Primer
What is Normal?
Commonality - Asset / Request Distributions
Send/Recv Ratios by Server Name
Let's Encrypt Things!
Different Levels of Certificates
Changing The Mindset
Who would abuse free certificates?
Basic Detection → Forensics Process
So... Encryption Isn't the End of the World
Encrypted NSM Security Model (ECNSMM)

Taught by

BSidesLV
