Threat Intelligence with Community Services
Team Cymru provides a variety of freely available solutions for the community. This talk will contain detailed information about two of those solutions:
Unwanted Traffic Removal Service (UTRS) : This project is a community service project, where network operators help other network operators mitigate DDoS attacks. Team Cymru is simply the steward and service provider of this service. This is all about building a global collection of network operators that will honor other network operators’ requests to black hole attack traffic.
NimbusTM : This project allows Services Providers, MSPs, and CSIRT teams to take advantage of Team Cymru’s reputation feeds. NimbusTM correlates flow data with IP Reputation data and prepares dashboards / reports via a Kibana interface.
This presentation will cover:
– What is Team Cymru
– What is NimbusTM
– Technical presentation on configuring flow exports and how to use metadata for threat intelligence
– What is UTRS v1
– What is new in UTRS v2 (with a brief on BGP FlowSpec)
Speaker
-
Brian DavenportSolutions Engineer, Community Services Team CymruBrian Davenport is a Solutions Engineer for the Outreach department at Team Cymru. He brings a decade of experience utilizing metadata to improve network security and performance. As a Solutions Engineer Brian is helps partners implement and understand all of the community services offerings, with his focus being on NimbusTM. Professionally he is passionate about working with smart people to solve hard problems, off hours Brian enjoys hiking through the white mountains and traveling as much as possible.