Last week, Jeremiah O’Connor and Josh Pyorre from OpenDNS Security Labs visited Boston to present at ‘Source Conference Boston’. The night before the conference, we attended an awesome dinner where we had the opportunity to chat casually with other speakers at the conference. For about 2 hours, we mingled with people from Pwnie Express, Rapid7, Red Hat, CrowdStrike and many other innovative companies. We shared our passions for security and discussed how we approach the field of security research in our various professions.
Source Boston, Day 1:
The first day of the conference began with a keynote from Jim Routh, the CISO of Aetna. He gave an insightful look at security today and the challenges we all face in attempting to keep our information private.
Jeremiah O’Connor (OpenDNS) spoke about building NLPRank, which we use at OpenDNS to identify and block malicious behavior in network traffic with Natural Language Processing techniques. He demonstrated how the programmatic use of natural language processing on DNS traffic can automatically prevent targeted phishing and related attacks in which attackers use domain names similar to the domains they are trying to impersonate. He somehow managed to squeeze a hearty discussion of NLP and linear algebra into 40 minutes! Most of the audience stayed on through half of lunch to ask a lot of great questions.
Daniel Crowley and Damon Smith from iSEC Partners gave an interesting talk on their research into uncovering new vulnerabilities associated with file formatting.
Dan Lambright from Red Hat presented on ‘Penetration Testing in the Cloud’, in which he addressed challenges associated with ensuring infrastructure is secure in cloud environments.
Silas Cutler from CrowdStrike gave an interesting talk on the threat actor known as Gothic Panda and their use and modification of the Pirpi malware across various campaigns.
The day closed out with another keynote from Mike Murray, Director of Cyber Security Assessment and Consulting at GE Healthcare. Mike engaged the audience with ideas on the internet of things and what it means for the future of security.
Source Boston, Day 2:
Josh Pyorre (OpenDNS) spoke about deploying intrusion detection in cloud environments to monitor and detect attacks against shared hosting. The talk was well received and was followed by a great discussion of cloud server protection.
Roy Wattanasin from MITM gave an interesting talk about security in the healthcare industry, speaking about the different attacks in just the past year.
Jen Ellis presented on the topic of ‘Hacking the Media’. She discussed the best ways to interface with media as a security professional, providing tools and techniques on how best to present our research for consumption by a broader audience and the proper methods of communication etiquette when working with the press.
While in Boston, we also had the opportunity to meet up and grab lunch with our Boston regional sales manager, Anjali Hegde. It’s always great to be able to catch up with the great coworkers we rarely see back at HQ.
Like most conferences, we couldn’t attend every presentation. However, they were recorded and should be online at some point. We are really looking forward to catching up on the ones we missed.
Beyond the conference, we were able to explore the city a little and try some amazing seafood!
OpenDNS Labs is a place where network security meets data science, so it made sense to have a joint meetup between SFText, a group of data scientists interested in natural language processing and text analytics, and OpenLate, OpenDNS’ own meetup, which brings in software developers and security professionals to speak about their research. SFText is run by Alexey Khrabrov, Chief Scientist at Nitro. Jeremiah met Alexey through an applied natural language processing workshop held by Gabor Melli a few months back at Galvanize. After the workshop, they spoke about how OpenDNS uses NLP and machine learning techniques to detect malicious behavior in network traffic and came up with the idea to hold a meetup for NLP and data scientists at OpenDNS. It was great to see a mix of developers, data scientists, info-sec professionals and students in the crowd. Jeremiah spoke for around 80 minutes about OpenDNS Labs research involving detection techniques that use text processing in DNS and HTTP traffic. He also discussed using Gensim, a fantastic library by Radim Řehůřek. Interaction with the crowd was lively and full of great questions. Additionally, developer and artist Romy Ilano created some cool artwork of the presentation (displayed in this post).
This joint meetup of OpenLate and SFText was a great success and we look forward to it being the first of many more joint meetup events!