SYS-CON MEDIA Authors: Pat Romanski, PagerDuty Blog, Michael Jannery, Javier Paniza, Kevin Jackson

News Feed Item

Arbor Networks’ Marc Eisenbarth and Jason Jones to Discuss Botnet Tracking and Intelligence Sharing at AusCERT 2014

Arbor Networks, Inc., a leading provider of DDoS and advanced threat protection solutions for enterprise and service provider networks, announced today that Marc Eisenbarth, Security Architect and Manager of Research for the Arbor Security Engineering and Response Team (ASERT) and Jason Jones, Security Research Analyst for ASERT, will be speaking at AusCERT 2014. During their joint presentation, they will draw on their experience in malware reverse engineering and botnet tracking to discuss the evolution of botnet tracking over time, sharing case studies from real-world attack scenarios. In a separate presentation later in the week, Marc Eisenbarth will share insight into how the ASERT team leverages ATLAS® data, the world's largest distributed honeynet made up of over 80 Tbps of global Internet traffic, to share actionable intelligence both with customers and with hundreds of CERT organizations around the world.

Separately at AusCERT, the ASERT team is also a finalist in the 2014 AusCERT Awards for Organizational Excellence. Winners will be announced on May 15, 2014 at the AusCERT 2014 Gala Dinner. Arbor will also be exhibiting at the show alongside local distributor Whitegold Solutions in their stand on the exhibitor floor.

“BladeRunner: Adventures in Tracking Botnets”

The problem of tracking botnets is not a new one, but still proves to be an important and fruitful research topic. ASERT has been tracking many botnets for years using an internally built tracking system, which has undergone a number of significant improvements and changes over the years. The basic tenet is a language for implementing botnet command-and-control mechanisms and tracking the resulting infiltrated botnets. This presentation will cover the evolution of this system, which offers a vignette of the evolution of the modern day botnet itself. With this historical backdrop, Marc and Jason will discuss ASERT’s current monitoring mechanisms and selected botnet family case studies, highlighting results - including correlations gleaned from data-mining the results and will conclude with offering a toolkit that allows others to conduct similar investigations.

WHEN:
Date: May 14, 2014
Time: 10:40 - 11:20
Location: Prince Room

WHERE:
AusCERT 2014
RACV Royal Pines Resort
Gold Coast, Australia

“ASERT: Internet-Scale Security”

Arbor Networks is a member of an elite group of institutions that might be referred to as "super remediators." This is a reflection of having both visibility and remediation capabilities at nearly every tier one operator and the majority of service provider networks globally. The Arbor Security Engineering and Response Team (ASERT) shares operationally viable intelligence with hundreds of international Computer Emergency Response Teams (CERTs) in an out-of-band manner, apart from the Arbor Networks product line. ASERT also provides this same data to thousands of network operators via in-band security content feeds. ASERT also operates ATLAS, the world's largest distributed honeynet, capturing 80 Tbps of global Internet traffic, or roughly one third of all Internet traffic. This brief talk outlines various datasets that ASERT maintains and offers some brief statistics and findings. Marc will discuss the high-level process in which ASERT derives actionable intelligence from these datasets and the following challenges in getting the data to the party capable of performing the most efficient remediation. This presentation will close by introducing various research problems ASERT is interested in solving and our current progress in these areas.

WHEN:
Date: May 15, 2014
Time: 13:30 - 14:10
Location: Norfolk Room

WHERE:
AusCERT 2014
RACV Royal Pines Resort
Gold Coast, Australia

For more information on ASERT, please visit the ASERT blog for regular insight into malware research, industry commentary and technical insight into breaking security events: http://www.arbornetworks.com/asert/

About Arbor Networks

Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver comprehensive network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and help reduce the risk to their business.

To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor’s research, analysis and insight, together with data from the ATLAS® global threat intelligence system, can be found at the ATLAS Threat Portal.

Trademark Notice: Arbor Networks, Peakflow, ArbOS, ATLAS, Pravail, Arbor Cloud, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be - especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging. In his session a...
“We are a managed services company. We have taken the key aspects of the cloud and the purposed data center and merged the two together and launched the Purposed Cloud about 18–24 months ago," explained Chetan Patwardhan, CEO of Stratogent, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Enthusiasm for the Internet of Things has reached an all-time high. In 2013 alone, venture capitalists spent more than $1 billion dollars investing in the IoT space. With "smart" appliances and devices, IoT covers wearable smart devices, cloud services to hardware companies. Nest, a Google company, detects temperatures inside homes and automatically adjusts it by tracking its user's habit. These technologies are quickly developing and with it come challenges such as bridging infrastructure gaps,...
“The year of the cloud – we have no idea when it's really happening but we think it's happening now. For those technology providers like Zentera that are helping enterprises move to the cloud - it's been fun to watch," noted Mike Loftus, VP Product Management and Marketing at Zentera Systems, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things' get connected, people will rely on DNS to name and find their fridges, toasters and toilets. Acco...
"For over 25 years we have been working with a lot of enterprise customers and we have seen how companies create applications. And now that we have moved to cloud computing, mobile, social and the Internet of Things, we see that the market needs a new way of creating applications," stated Jesse Shiah, CEO, President and Co-Founder of AgilePoint Inc., in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
“We are strong believers in the DevOps movement and our staff has been doing DevOps for large enterprise environments for a number of years. The solution that we build is intended to allow DevOps teams to do security at the speed of DevOps," explained Justin Lundy, Founder & CTO of Evident.io, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, ...
"Application monitoring and intelligence can smooth the path in a DevOps environment. In a DevOps environment you see constant change. If you are trying to monitor things in a constantly changing environment, you're going to spend a lot of your job fixing your monitoring," explained Todd Rader, Solutions Architect at AppDynamics, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"Desktop as a Service is emerging as a very big trend. One of the big influencers of this – for Esri – is that we have a large user base that uses virtualization and they are looking at Desktop as a Service right now," explained John Meza, Product Engineer at Esri, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
What do a firewall and a fortress have in common? They are no longer strong enough to protect the valuables housed inside. Like the walls of an old fortress, the cracks in the firewall are allowing the bad guys to slip in - unannounced and unnoticed. By the time these thieves get in, the damage is already done and the network is already compromised. Intellectual property is easily slipped out the back door leaving no trace of forced entry. If we want to reign in on these cybercriminals, it's hig...
High-performing enterprise Software Quality Assurance (SQA) teams validate systems that are ready for use - getting most actively involved as components integrate and form complete systems. These teams catch and report on defects, making sure the customer gets the best software possible. SQA teams have leveraged automation and virtualization to execute more thorough testing in less time - bringing Dev and Ops together, ensuring production readiness. Does the emergence of DevOps mean the end of E...
Docker offers a new, lightweight approach to application portability. Applications are shipped using a common container format and managed with a high-level API. Their processes run within isolated namespaces that abstract the operating environment independently of the distribution, versions, network setup, and other details of this environment. This "containerization" has often been nicknamed "the new virtualization." But containers are more than lightweight virtual machines. Beyond their small...