Hunting for Suspicious HTTPS and TLS Connections

Video Link: https://www.youtube.com/watch?v=RqVwk97uuIQ



Duration: 1:02:50


This talk navigates the landscape of HTTPS and TLS connections, distinguishing between encrypted and unencrypted HTTPS, and outlining methods to identify suspicious activities. Attendees will learn about tracking encryption certificates and utilizing TLS fingerprinting for threat hunting. We'll also discuss the benefits and limitations of the TLS 1.3 protocol. Ideal for cyber defense professionals and SOC analysts, this session provides essential information on detecting suspicious connections in our environments.

About the Speaker
Max Deweerdt is a SANS Certified Instructor teaching SEC511: Continuous Monitoring and Security Operations. He is also head of sales engineering at NVISO. He has extensive experience with a range of Cyber Defense topics - from policy and frameworks, risk & compliance to deep technical expertise (e.g. threat hunting, incident response, SOC). Max is a trusted advisor to various governments, large corporations and businesses in the EMEA region.






