End-to-end Botnet Monitoring with Automated Config Extraction and Emulated Network Participation
2023-04-24 | 09:30 – 10:10
With the quantity and sophistication of bots and botnets ever increasing, automation is key to gathering threat intelligence and disseminating it to defence systems. Because botnets’ nodes and update sources are in rapid flux, this information needs to be captured and distributed as quickly as possible. In this talk we will look at an approach to this problem in which threat intelligence is automatically gathered from bot samples and the botnets they belong to, then promptly distributed to security software on endpoints so that their monitoring can detect the latest threats.