Your SlideShare is downloading. ×
BE THE MASTER OF YOUR DOMAIN
Introducing OTX Reputation Monitor Alert – free service
Black Hat 2013
It’s 2AM. Do you know what
your servers are doing?
Source: http://www.vagabumming.com/drunkguypic/
You may not get drunk when managing your servers…
So… How can you become
master of your domain?
Source: http://blog.bufferapp.com/how-to-build-a-great-twitter-reputation-and-get-more-followers-and-retweets
OTX Reputation Monitor Alert – free service
What is AlienVault’s OTX Reputation Monitor Alert?
Leveraging the world’s only...
9
Where are we monitoring for you?
These events will trigger an alert:
 OTX IP/Domain Match
 Presence in Pastebin/Pastie...
10
How does the service work?
1. Sign up via our OTX portal.
2. Register your organization’s public
IPs and domains.
3. Wh...
How does AlienVault do it?
12
The Power of the “Crowd” for Threat Detection
 Cyber criminals are using (and
reusing) the same exploits against
other...
Global threat detection for local response
What is Open Threat Exchange (OTX)?
 An open and collaborative initiative for security
professionals to connect with thei...
Kramer’s out. But there’s still hope for you.
Source: http://home.swipnet.se/~w-44777/kramer2.jpg
Sign up now!
Several ways to do it:
• Scan the QR code on the card
• Use one of our demo “tables” in
the booth
• OR go to:...
AlienVault OTX Reputation Monitor
Upcoming SlideShare
Loading in...5
×

AlienVault OTX Reputation Monitor

1,104

Published on

Don't be the last to know if your website, domains or IPs show up in a blacklist, Pastebin, or third party IP reputation database. Check out this quick overview of AlienVault’s OTX Reputation Monitor Alerts. OTX Reputation Monitor Alert service is a free service to monitor the reputation of your public domains and IPs. You’ll not only receive alerts if one of your assets is potentially compromised or used in attack, you’ll also receive our free monthly threat intelligence alert newsletter. Exactly what you need to be the master of your domain.

Published in: Technology, Design
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,104
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • http://www.vagabumming.com/drunkguypic/
  • http://blog.bufferapp.com/how-to-build-a-great-twitter-reputation-and-get-more-followers-and-retweets
  • The AlienVault OTX Reputation Monitor enables end users to verify the security (or “reputation”) of their publicly addressable IP range(s). This allows immediate notification of Malware InfestationsSpamming HostsMalicious ActivityPotential BreachesCompromised WebsitesHosts being used for BotnetsRegistered users can instantly check their IP address range(s) and domains against the AlienVault OTX database as soon as they register. Additionally, registered users will receive instant notifications should those IPs ever show up in the future. In addition to instant alert notifications, registered users will also receive monthly threat intelligence reports via email.
  • Pastebin/Pastie Alerts - we monitor hacker forums such as paste bin/pastie and a few other sites to see if we ever find the domains/IPs posted.  These sites are often used to store the output from recon tools and as the destination for data exfiltration. We will provide the specific link to where this information is found within the alert. OTX IP/Domain Match - we immediately and continually look for matches between the IP addresses/domains that the user entered and those in our OTX database. DNS Blacklist – we look for the registered domain names in any public blacklist.DNS Registration Update – we look for changes to the DNS registration information.  This can be an indicator of someone hijacking the domain or could be a routine change of the ISP – either way, we alert the user.SSL Certification Update – we look for updates to the SSL certificate.  This can be an indicator of someone compromising your website and trying to intercept traffic or could simply be a routine change of the ISP.
  • This is a very simple four step process, all enabled through a web-based portal designed to be a “one-stop-shop” for all resources available to the AlienVault Community (Forum, Knowledge Base, etc). After registering, users enter the IP addresses owned by their organization, and these are checked against our OTX database as it is updated. If there is an “instant” match, then we provide information on the observed issues, along with some basic remediation suggestions. If there’s no match, we provide verification to the user that their IP addresses and domains are not in our database, but that we will continue to monitor them, and send them immediate notifications if their public IP addresses or domains ever show up in the OTX database. We will also send them monthly threat intelligence emails outside of the context of these alerts.
  • http://www.cityofhemet.org/images/pages/N294/Neighborhood%20Watch%20Sign.jpg
  • The industry’s only threat collaboration database with 9,500 contributors in 120+ countries
  • http://home.swipnet.se/~w-44777/kramer2.jpg
  • Transcript of "AlienVault OTX Reputation Monitor"

    1. 1. BE THE MASTER OF YOUR DOMAIN Introducing OTX Reputation Monitor Alert – free service Black Hat 2013
    2. 2. It’s 2AM. Do you know what your servers are doing?
    3. 3. Source: http://www.vagabumming.com/drunkguypic/
    4. 4. You may not get drunk when managing your servers…
    5. 5. So… How can you become master of your domain?
    6. 6. Source: http://blog.bufferapp.com/how-to-build-a-great-twitter-reputation-and-get-more-followers-and-retweets
    7. 7. OTX Reputation Monitor Alert – free service What is AlienVault’s OTX Reputation Monitor Alert? Leveraging the world’s only open and collaborative IP reputation database, AlienVault’s OTX Reputation Monitor Alert monitors the reputation of your assets (public IPs and domains) and emails you notifications whenever there are changes. What threats does it uncover? Malware Infections Spamming Hosts Malicious Activity Potential Breaches Compromised Websites Hosts being used for Botnets 8
    8. 8. 9 Where are we monitoring for you? These events will trigger an alert:  OTX IP/Domain Match  Presence in Pastebin/Pastie  Presence on a DNS Blacklist  DNS Registration Update – informational only  SSL Certificate Update – informational only
    9. 9. 10 How does the service work? 1. Sign up via our OTX portal. 2. Register your organization’s public IPs and domains. 3. When there’s a match on one of our alert types, we’ll email you an alert with more information and remediation advice. 4. You’ll also receive our monthly threat intelligence newsletter. Registration takes just a few minutes…
    10. 10. How does AlienVault do it?
    11. 11. 12 The Power of the “Crowd” for Threat Detection  Cyber criminals are using (and reusing) the same exploits against others (and you).  Sharing (and receiving) collaborative threat intelligence makes us all more secure.  Using this data, identify, flag and block known attackers by source IP addresses.  Organizations can’t build this “neighborhood watch” infrastructure on their own… that’s where AlienVault comes in… 12 Source: http://www.cityofhemet.org/images/pages/N294/ Neighborhood%20Watch%20Sign.jpg
    12. 12. Global threat detection for local response
    13. 13. What is Open Threat Exchange (OTX)?  An open and collaborative initiative for security professionals to connect with their peers, find free tools for security monitoring, and learn about the latest threats and defensive tactics from security researchers.  Open source threat intelligence projects and services including OSSIM and OTX Reputation Monitor Alert  Centralized place for these rich resources:  OTX Projects  OTX Blog  OTX Forums  OTX Learning Center 14  8,000+ contributors  140+ countries
    14. 14. Kramer’s out. But there’s still hope for you. Source: http://home.swipnet.se/~w-44777/kramer2.jpg
    15. 15. Sign up now! Several ways to do it: • Scan the QR code on the card • Use one of our demo “tables” in the booth • OR go to: www.alienvault.com/blackhat-otx

    ×