Jochen Belke – CISSP, is currently working for Lancope as Regional Technical Manager. He has more than 20 years of experience in Networks and Security, including Hardware Security Modules, Key Management, Link-, Storage- and Device-Encryption, NAC, Network Appliances and optimizations in the LAN and WAN area. He previously worked for companies like Thales eSecurity, Citrix ANG and Utimaco Safeware.
Invisible attacks – visible in your network. How to see and follow the tracks?
The nature of attacks have significantly changed recently. From broad and scattershot to very targeted attacks with persistent adversaries (often times nation-states). The attacks of today use advanced malware, zero-day and APT tactics to penetrate networks for the purpose of control, espionage and data theft. What is the most important, these attacks evade and obfuscate traditional security solutions (FW, IPS, Content Security, Antyvirus, etc.), trying to hide and to be invisible in a compromised network. During this session we will cover this problem. We will present modern technologies which discover and block stealth attacks, with an emphasis on the network layer solutions. We will also present case study of detecting data loss, network reconnaissance activity as well as detecting botnet command, control activity and tracking the spread of a malware infection throughout the network.