Cyber Criminals are increasingly exploiting the Internet services to build agile and resilient infrastructures, and consequently to protect themselves from being exposed and taken over. This session will explain how the correlation of Internet data on multiple levels (DNS, BGP, ASN, Prefixes/IPs) can be used to build and deliver a new model of security that is pervasive and predictive, and that allows us to expose the attackers' infrastructure. Detection models that can be built and applied (such as co-occurrences, NLPRank, and Spike Detectors), and how the different detectors can be integrated to expose malicious infrastructures and advanced persistent threats.

Furthermore, we'll talk a little bit about these advanced persistent threats, the malware and attack techniques that try to work their way down to your endpoint devices. What do you do when your boss asks if you are affected by a threat he/she read about last night? How do you answer if you are compromised or not?