bsidesaustin2019 has ended
Thursday, March 28 • 4:00pm - 5:00pm
Purple Packets: Effective Network Defense Against Real-World Attacks

There are two sides to every story. Yin and yang. Day and night. Host and network. Unfortunately, when it comes to enterprise security, many organizations tend to focus heavily on host-based defenses, and apply “just-enough” monitoring to their network. However, the network can be one of the best places to not only defend against the attacker, but also observe and understand the attacker's capabilities.

In this talk, we’ll examine techniques with which advanced adversaries utilize your networks. Whether it’s via intricate protocol abuse, malleable traffic, or combinations of protocols to avoid standard detection, there is much to glean from an observation of network traffic.

To help our audience discover just how impactful proper network defenses can be, we’re going to emulate the top techniques followed by a detailed explanation of each attack. Furthermore, we’ll outline specific steps that would have detected and stopped the malicious traffic. Our goal, by the end of the session, is for our attendees to have a solid understanding of how the attacks work and what they need to do to protect themselves.


Matt Bromiley

Matt Bromiley is a principal incident response consultant at a top digital forensics and incident response (DFIR) firm where he assists clients with incident response, digital forensics, and litigation support. Matt brings his passion for digital forensics to the classroom as a...

Aaron Soto

Aaron Soto is a senior security researcher at Rapid7 on the Metasploit team where he works with a team of exploit developers to identify, test, and integrate the newest exploits. He also mentors cybersecurity students at the University of Texas at Austin participating in the Cyber...

Thursday March 28, 2019 4:00pm - 5:00pm
Lil' Tex
