Threat Hunting Using Passive DNS

We proudly present this workshop together with an internet pioneer: Paul Vixie

Save the DateClick on the .ics file to save the date

CPE Credits Earn 8 CPE (Continuing Professional Education) for attending this workshop. Please request a confirmation.
Location Mövenpick Hotel Zurich-Regensdorf
Im Zentrum 2
8105 Zürich-Regensdorf

Date of Event 7th September 2020
Time 9:00 – 6:00 pm
Special This workshop will be during the SIGS Technology Conference. You have the possibility to hear the keynotes and as well visit the exhibition during the breaks.
Language English
Participation Fee Fr. 790.— (including lunch and apéro)

This Vendor-independent Workshop Provides You

Every transaction on the Internet – good or bad – leaves a trail in the Domain Name System (DNS). In this fast-paced, hands-on four-hour workshop, Internet Pioneer and Farsight Security CEO Dr. Paul Vixie will teach the fundamental investigative techniques and methodology on how to use DNS to combat cyberattacks, from phishing to e-crime to nation-state attacks. This is a rare opportunity to take a “masterclass” from the top expert in the field and learn the proven techniques used by threat hunting teams, from banks to government agencies.

In this masterclass, you’ll:

  • Learn: How to identify and map malicious infrastructures for different types of attacks, from nation-state to fraud, using DNS
  • Discover: Popular investigative “pivot” techniques using DNS
  • Unlock: Additional information from common indicators to advance your investigation
  • Troubleshoot: Possible roadblocks when using DNS in investigations


  • Almost everything we do online uses DNS
  • People can use the Internet to lie, but the Internet itself does not
  • Bad guys often will reuse DNS assets for their malicious infrastructures
  • Passive DNS reveals subtle relationships among DNS datasets, from domain names to IP addresses to name or mail or web or file servers
  • Uncovering shared Internet infrastructure connections can advance investigations, from e-crime to nation-state attacks

Who Should Attend
This workshop would benefit IT and Cybersecurity professionals who work for mid-to-large commercial organizations, including financial, healthcare, technology, automotive and manufacturing corporations, as well as government and law enforcement agencies. Basic knowledge of DNS is helpful but not required.

About the Trainer
Dr. Paul Vixie is an internet pioneer. Currently, he is the Chairman, CEO and cofounder of award-winning Farsight Security, Inc. Dr. Vixie was inducted into the Internet Hall of Fame in 2014 for work related to DNS and anti-spam technologies. He is the author of open source Internet software including BIND 8, and of many internet standards documents concerning DNS and DNSSEC. In addition, he founded the first anti-spam company (MAPS, 1996), the first non-profit internet infrastructure company (ISC, 1994), and the first neutral and commercial internet exchange (PAIX, 1991). In 2018, he cofounded SIE Europe, a European data sharing collective to fight cybercrime. Dr. Vixie earned his Ph.D. from Keio University for work related to DNS and DNSSEC in 2010.

Dr. Vixie is frequently invited to deliver keynotes at technology and business events around the world. He has presented at such events as Copenhagen Cybercrime Conference, FIRST, Palo Alto Networks IGNITE, RSA, Black Hat, DNS-OARC, SANS, Security Interest Group Switzerland (SIGS) Technology Conference and VirusBulletin.

Cancellations of registration are free of charge until 30 days before. Cancellations received beyond this point will incur 100% of the admission fee. You will get an invoice for the respective amount. In any case, however, a delegate may be sent at no additional costs.

Register here!

A Breakthrough European Data Sharing Collective to Fight Cybercrime:

all European-based commercial, government and higher education organisations are invited to join this new community. Please watch the video!

Earn CPE Credits for
attending SIGS Events