SlideShare ist ein Scribd-Unternehmen logo

Revealing the Dark Web: How to Leverage Technologies to Alert and Block Dark Web Access

Als PPTX, PDF herunterladen
Veriato
Veriato

How to leverage technologies to alert and block Dark Web access.

Technologie
1 von 18
Veriato Revealing the Dark Web: How to Leverage Technologies to Alert and Block Dark Web Access.
Your Speakers Nick Cavalancia Nick Cavalancia is a cyber-security expert with over 25 years of enterprise IT and security experience. He regularly blogs, writes, and speaks on a wide range of cyber security issues, helping organizations, IT professionals, MSPs, and technology vendors understand the state of both insider and external threats, and how to build and execute a strategy to minimize risk. Patrick Knight Patrick Knight is the Senior Director of Cyber Strategy and Technology at Veriato where he helps organizations protect critical data from threats by trusted insiders. His cybersecurity career spans 17 years helping enterprises protect against online threats and developing anti-malware, network intrusion detection, computer and network forensics and encryption technologies.
Agenda • Dark Web 101: Defining the Threat • Employees and the Dark Web: Why and How? • Detecting and Blocking Dark Web activity
• TOR Browser • Browser Extensions • VPN Use (optional) Dark Web 101 GETTING ON THE DARK WEB
Dark Web 101 THERE’S MORE TO THE WEB THAN YOU THINK
Dark Web 101 WIKIS
Dark Web 101 COUNTERFEITING
Dark Web 101 DRUGS
Dark Web 101 WEAPONS
Dark Web 101 HACKING FOR HIRE
Dark Web 101 WHISTLEBLOWING
Employees and the Dark Web • Direct Access to Bad Guys • Monetization – Data – Credentials • Solicitation • Exfiltration HOW CAN THE DARK WEB BE USED?
Detecting Employee Dark Web Activity • TOR browser (process, application title, files) • Site names - e.g. .onion (window title) • Network Traffic • Presence of VPN • Leading threat indicators WHAT ARE THE TELLTALE SIGNS?
Blocking the Dark Web • Use of the TOR browser • Network traffic to .onion sites • Use of VPN WHAT SHOULD YOU DISALLOW?
Stopping the Dark Web Threat • Employees-turned-insiders are a legitimate threat • The Dark Web enables so much threatening behavior • Detection and blocking require some effort, but are achievable.
Cerebral Insider Threat Intelligence Platform Cerebral provides an end-to-end integrated internal threat intelligence platform that maximizes both security and efficiency while providing the concrete proof to take legal action. • Powered by AI • Fully Integrated • Scalable • Cloud or On-Prem • Eyes on Glass Technology
Veriato QUESTIONS?
Veriato THANK YOU! @veriato @veriato

Empfohlen

Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosNext-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosAmazon Web Services
 
Internet Etiqute
Internet EtiquteInternet Etiqute
Internet EtiquteAnay Mishra
 
Aegis Personal Cybersecurity 101
Aegis Personal Cybersecurity 101Aegis Personal Cybersecurity 101
Aegis Personal Cybersecurity 101Nick Powers
 
Konica Arora
Konica AroraKonica Arora
Konica AroraKonica Arora
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationSophos Benelux
 
ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011Xavier Mertens
 
Hacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyHacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyMaurice Dawson
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityGianluca Varisco
 

Empfohlen

Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosNext-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosAmazon Web Services
 
Internet Etiqute
Internet EtiquteInternet Etiqute
Internet EtiquteAnay Mishra
 
Aegis Personal Cybersecurity 101
Aegis Personal Cybersecurity 101Aegis Personal Cybersecurity 101
Aegis Personal Cybersecurity 101Nick Powers
 
Konica Arora
Konica AroraKonica Arora
Konica AroraKonica Arora
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationSophos Benelux
 
ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011Xavier Mertens
 
Hacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyHacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyMaurice Dawson
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityGianluca Varisco
 
OWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationOWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationuisgslide
 
Security horrors
Security horrorsSecurity horrors
Security horrorsBoy Baukema
 
Blockchain in cyber security
Blockchain in cyber securityBlockchain in cyber security
Blockchain in cyber securityzaarahary
 
Profile securitarian
Profile securitarianProfile securitarian
Profile securitarianRupesh Verma
 
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar
 
Honeypots for proactively detecting security incidents
Honeypots for proactively detecting security incidentsHoneypots for proactively detecting security incidents
Honeypots for proactively detecting security incidentsAPNIC
 
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...Andrew Morris
 
IT Security Summit 2016
IT Security Summit 2016IT Security Summit 2016
IT Security Summit 2016AGC Conferences - AGC Development Corp
 
Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a HackerNormShield, Inc.
 
Online Privacy and Security
Online Privacy and SecurityOnline Privacy and Security
Online Privacy and SecurityAlex Hyer
 
Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014n|u - The Open Security Community
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield, Inc.
 
Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Dave Eilken
 
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!NormShield, Inc.
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityCambridge Intelligence
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 
Security Issues in Internet of Things
Security Issues in Internet of ThingsSecurity Issues in Internet of Things
Security Issues in Internet of ThingsLohith Haravu Chandrashekar
 
IOT Security FUN-damental
IOT Security FUN-damentalIOT Security FUN-damental
IOT Security FUN-damentalSatria Ady Pradana
 
Honeypot
HoneypotHoneypot
HoneypotSyeda Khadizatul maria
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.AlgoSec
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version Brian Pichman
 

Weitere ähnliche Inhalte

Was ist angesagt?

OWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationOWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationuisgslide
 
Security horrors
Security horrorsSecurity horrors
Security horrorsBoy Baukema
 
Blockchain in cyber security
Blockchain in cyber securityBlockchain in cyber security
Blockchain in cyber securityzaarahary
 
Profile securitarian
Profile securitarianProfile securitarian
Profile securitarianRupesh Verma
 
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar
 
Honeypots for proactively detecting security incidents
Honeypots for proactively detecting security incidentsHoneypots for proactively detecting security incidents
Honeypots for proactively detecting security incidentsAPNIC
 
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...Andrew Morris
 
Online Privacy and Security
Online Privacy and SecurityOnline Privacy and Security
Online Privacy and SecurityAlex Hyer
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield, Inc.
 
Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Dave Eilken
 
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!NormShield, Inc.
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityCambridge Intelligence
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 

Was ist angesagt? (20)

OWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationOWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentation
 
Security horrors
Security horrorsSecurity horrors
Security horrors
 
Blockchain in cyber security
Blockchain in cyber securityBlockchain in cyber security
Blockchain in cyber security
 
Profile securitarian
Profile securitarianProfile securitarian
Profile securitarian
 
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
 
Honeypots for proactively detecting security incidents
Honeypots for proactively detecting security incidentsHoneypots for proactively detecting security incidents
Honeypots for proactively detecting security incidents
 
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...
 
IT Security Summit 2016
IT Security Summit 2016IT Security Summit 2016
IT Security Summit 2016
 
Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a Hacker
 
Online Privacy and Security
Online Privacy and SecurityOnline Privacy and Security
Online Privacy and Security
 
Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration Overview
 
Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013
 
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber Security
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008
 
Security Issues in Internet of Things
Security Issues in Internet of ThingsSecurity Issues in Internet of Things
Security Issues in Internet of Things
 
IOT Security FUN-damental
IOT Security FUN-damentalIOT Security FUN-damental
IOT Security FUN-damental
 
Honeypot
HoneypotHoneypot
Honeypot
 

Ähnlich wie Revealing the Dark Web: How to Leverage Technologies to Alert and Block Dark Web Access

Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.AlgoSec
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version Brian Pichman
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceBrian Pichman
 
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed BedewiBalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed BedewiShah Sheikh
 
Mnx solutions cybersecurity presentation monroe mi
Mnx solutions cybersecurity presentation monroe miMnx solutions cybersecurity presentation monroe mi
Mnx solutions cybersecurity presentation monroe minwilkens
 
Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)Stephen Abram
 
Cyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCharles Cline
 
Cyber Security College Workshop
Cyber Security College WorkshopCyber Security College Workshop
Cyber Security College WorkshopRahul Nayan
 
The cyber house of horrors - securing the expanding attack surface
The cyber house of horrors - securing the expanding attack surfaceThe cyber house of horrors - securing the expanding attack surface
The cyber house of horrors - securing the expanding attack surfaceJason Bloomberg
 
Attacks on the cyber world
Attacks on the cyber worldAttacks on the cyber world
Attacks on the cyber worldNikhil Tripathi
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDebra Baker, CISSP CSSP
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewRobert Herjavec
 
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...REVULN
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomwareAlgoSec
 
Detection is Dead
Detection is DeadDetection is Dead
Detection is DeadYul Bahat
 
Practical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber SecurityPractical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber SecurityPRISMA CSI
 
Crack the Code
Crack the CodeCrack the Code
Crack the CodeInnoTech
 

Ähnlich wie Revealing the Dark Web: How to Leverage Technologies to Alert and Block Dark Web Access (20)

Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day Conference
 
Darknet (ec)
Darknet (ec) Darknet (ec)
Darknet (ec)
 
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed BedewiBalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
 
Mnx solutions cybersecurity presentation monroe mi
Mnx solutions cybersecurity presentation monroe miMnx solutions cybersecurity presentation monroe mi
Mnx solutions cybersecurity presentation monroe mi
 
Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)
 
Cyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCyber Security Overview for Small Businesses
Cyber Security Overview for Small Businesses
 
Cyber Security College Workshop
Cyber Security College WorkshopCyber Security College Workshop
Cyber Security College Workshop
 
The cyber house of horrors - securing the expanding attack surface
The cyber house of horrors - securing the expanding attack surfaceThe cyber house of horrors - securing the expanding attack surface
The cyber house of horrors - securing the expanding attack surface
 
Attacks on the cyber world
Attacks on the cyber worldAttacks on the cyber world
Attacks on the cyber world
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptx
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR Overview
 
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware
 
Detection is Dead
Detection is DeadDetection is Dead
Detection is Dead
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Practical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber SecurityPractical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber Security
 
Crack the Code
Crack the CodeCrack the Code
Crack the Code
 

Mehr von Veriato

Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyVeriato
 
What do your employees do all day? - Veriato + Digital Boardwalk
What do your employees do all day? - Veriato + Digital BoardwalkWhat do your employees do all day? - Veriato + Digital Boardwalk
What do your employees do all day? - Veriato + Digital BoardwalkVeriato
 
Extending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office PerimeterExtending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office PerimeterVeriato
 
Monitoring a hybrid workforce - veriato and prianto
Monitoring a hybrid workforce - veriato and priantoMonitoring a hybrid workforce - veriato and prianto
Monitoring a hybrid workforce - veriato and priantoVeriato
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsVeriato
 
The Rise of Ransomware As a Service
The Rise of Ransomware As a ServiceThe Rise of Ransomware As a Service
The Rise of Ransomware As a ServiceVeriato
 
Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...
Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...
Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...Veriato
 
Monitoring employees in a remote workplace
Monitoring employees in a remote workplaceMonitoring employees in a remote workplace
Monitoring employees in a remote workplaceVeriato
 
Building an insider threat program
Building an insider threat programBuilding an insider threat program
Building an insider threat programVeriato
 
Implementing A User Activity & Behavior Monitoring Program
Implementing A User Activity & Behavior Monitoring ProgramImplementing A User Activity & Behavior Monitoring Program
Implementing A User Activity & Behavior Monitoring ProgramVeriato
 

Mehr von Veriato (10)

Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
 
What do your employees do all day? - Veriato + Digital Boardwalk
What do your employees do all day? - Veriato + Digital BoardwalkWhat do your employees do all day? - Veriato + Digital Boardwalk
What do your employees do all day? - Veriato + Digital Boardwalk
 
Extending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office PerimeterExtending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office Perimeter
 
Monitoring a hybrid workforce - veriato and prianto
Monitoring a hybrid workforce - veriato and priantoMonitoring a hybrid workforce - veriato and prianto
Monitoring a hybrid workforce - veriato and prianto
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior Analytics
 
The Rise of Ransomware As a Service
The Rise of Ransomware As a ServiceThe Rise of Ransomware As a Service
The Rise of Ransomware As a Service
 
Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...
Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...
Veriato Counterforensics Webinar: How Insiders Evade Forensics and How to Rev...
 
Monitoring employees in a remote workplace
Monitoring employees in a remote workplaceMonitoring employees in a remote workplace
Monitoring employees in a remote workplace
 
Building an insider threat program
Building an insider threat programBuilding an insider threat program
Building an insider threat program
 
Implementing A User Activity & Behavior Monitoring Program
Implementing A User Activity & Behavior Monitoring ProgramImplementing A User Activity & Behavior Monitoring Program
Implementing A User Activity & Behavior Monitoring Program
 

Kürzlich hochgeladen

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Kürzlich hochgeladen (20)

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Revealing the Dark Web: How to Leverage Technologies to Alert and Block Dark Web Access

  • 1. Veriato Revealing the Dark Web: How to Leverage Technologies to Alert and Block Dark Web Access.
  • 2. Your Speakers Nick Cavalancia Nick Cavalancia is a cyber-security expert with over 25 years of enterprise IT and security experience. He regularly blogs, writes, and speaks on a wide range of cyber security issues, helping organizations, IT professionals, MSPs, and technology vendors understand the state of both insider and external threats, and how to build and execute a strategy to minimize risk. Patrick Knight Patrick Knight is the Senior Director of Cyber Strategy and Technology at Veriato where he helps organizations protect critical data from threats by trusted insiders. His cybersecurity career spans 17 years helping enterprises protect against online threats and developing anti-malware, network intrusion detection, computer and network forensics and encryption technologies.
  • 3. Agenda • Dark Web 101: Defining the Threat • Employees and the Dark Web: Why and How? • Detecting and Blocking Dark Web activity
  • 4. • TOR Browser • Browser Extensions • VPN Use (optional) Dark Web 101 GETTING ON THE DARK WEB
  • 5. Dark Web 101 THERE’S MORE TO THE WEB THAN YOU THINK
  • 12. Employees and the Dark Web • Direct Access to Bad Guys • Monetization – Data – Credentials • Solicitation • Exfiltration HOW CAN THE DARK WEB BE USED?
  • 13. Detecting Employee Dark Web Activity • TOR browser (process, application title, files) • Site names - e.g. .onion (window title) • Network Traffic • Presence of VPN • Leading threat indicators WHAT ARE THE TELLTALE SIGNS?
  • 14. Blocking the Dark Web • Use of the TOR browser • Network traffic to .onion sites • Use of VPN WHAT SHOULD YOU DISALLOW?
  • 15. Stopping the Dark Web Threat • Employees-turned-insiders are a legitimate threat • The Dark Web enables so much threatening behavior • Detection and blocking require some effort, but are achievable.
  • 16. Cerebral Insider Threat Intelligence Platform Cerebral provides an end-to-end integrated internal threat intelligence platform that maximizes both security and efficiency while providing the concrete proof to take legal action. • Powered by AI • Fully Integrated • Scalable • Cloud or On-Prem • Eyes on Glass Technology

Hinweis der Redaktion

  1. Let’s talk a bit about whether it’s illegal to be on the Dark Web, to use the TOR browser, etc.
  2. [I’ll cover this briefly] While our focus today is the dark web, all of the “sub-surface” web is leveraged by cybercriminals, insiders, etc., correct? (thinking we’d talk about non-crawled, but accessible data as sources of data breaches, data sharing, etc.)
  3. [I’m thinking I’ll verbally hand “control” over to you to cover these next 6 slides relatively quickly as more an education of the audience with a bit of back-and-forth, rather than formal questions on each slide (we’ll run out of time). I’ll have some commentary, but you’ll drive the coverage of these while I do the clicking).
  4. [I’ll go over each of these first and then ask you the following questions] What other ways have you seen employees use the Dark Web for personal gain? Which of these is most prevalent?
  5. [I’ll go over each of these first and then ask you the following questions] Patrick, what other ways have you found useful to detect DW activity? Which of these do you see as being most effective?
  6. (I purposely left the list short) Patrick, what else are you seeing customers doing to block the dark web?
  7. [My summary slide]