Threat Intelligence with Community Services

Team Cymru provides a variety of freely available solutions for the community. This talk will contain detailed information about two of those solutions:

Unwanted Traffic Removal Service (UTRS) : This project is a community service project, where network operators help other network operators mitigate DDoS attacks. Team Cymru is simply the steward and service provider of this service. This is all about building a global collection of network operators that will honor other network operators’ requests to black hole attack traffic.

NimbusTM : This project allows Services Providers, MSPs, and CSIRT teams to take advantage of Team Cymru’s reputation feeds. NimbusTM correlates flow data with IP Reputation data and prepares dashboards / reports via a Kibana interface.

This presentation will cover:
– What is Team Cymru
– What is NimbusTM
– Technical presentation on configuring flow exports and how to use metadata for threat intelligence
– What is UTRS v1
– What is new in UTRS v2 (with a brief on BGP FlowSpec)