Full Name
Eric Poynton
Job Title
Systems Engineer
Company
Arista Networks
Speaker Bio
Eric Poynton is a Systems Engineer at Awake Security, The NDR Security Division of Arista Networks. He focuses on threat hunting and successfully discovers and investigates compromised IoT, managed, and unmanaged devices in enterprise networks on a near daily basis. Additionally, Eric conducts research and development on methodologies to make Security Operations Center (SOC) teams more accurate and efficient. He is a Board Member on EC-Council's Security Operations Center Advisory Board and is self-taught in computer science and several programming languages. Eric also graduated with honors from the University of Pittsburgh with a degree focused in Economics
Speaking At
TTC 2021 Speaker Type
Presenter
Topic and Description
Presentation Topic: Tales from the Trenches while Hunting for Threats in Media and Entertainment
Description: In this presentation we will share real-world experiences from threat hunting in one of the world's largest media and entertainment corporations. We will start by describing the threat model that drove our efforts, including risks such as content theft, ransomware and content encryption, unauthorized content modification and modification of ad-feeds, etc. We will then quickly discuss approaches for organizations like these to gain a broad understanding of their attack surface, including unmanaged IoT devices and all the IP-based equipment that are now part of the production and distribution processes. We will wrap things up with a few anonymized case studies of threats that targeted this environment. Eric will walk the audience through the hunting, detection and investigation processes followed while combating everything from early stages of ransomware to uncovering exposed IoT devices and from botnets and malicious browser extensions that steal data to cryptocurrency mining.
Attend this session to learn about:
- Tools, techniques and tactics attackers use to target media and entertainment companies;
- Defensive controls used by the most mature security teams within media and entertainment;
- Tips and tricks for enhancing your own threat hunting / detection and response processes to combat the new threat landscape media and entertainment organizations are exposed to.
and
Roundtable Topic: Tales from the Trenches while Hunting for Threats in Media and Entertainment
Description: Q&A Session
and
Roundtable Topic: Securing SMPTE ST 2110 Systems
Description: Securing SMPTE ST 2110 systems is becoming an important issue since it adds new ways that your facility can be attacked. For example, an attacker could disable your SMPTE ST 2059/Precision Time Protocol (PTP) infrastructure, crippling your facility. Tackling security may seem like a daunting challenge. Many users and equipment vendors do not know where to start. Coming learn and discuss practical information on securing your ST 2110 systems.
Eric Poynton, Systems Engineer for Awake, the NDR security division of Arista, will share real-world experiences from threat hunting in one of the world's largest media and entertainment corporations.
Leigh Whitcomb, Architect, Imagine Communications will share information from his 2021 April SMPTE Journal article “A Practical Guide to Securing SMPTE ST 2110 Systems and What Standards Organizations Are Doing to Help” https://ieeexplore.ieee.org/document/9395676
Description: In this presentation we will share real-world experiences from threat hunting in one of the world's largest media and entertainment corporations. We will start by describing the threat model that drove our efforts, including risks such as content theft, ransomware and content encryption, unauthorized content modification and modification of ad-feeds, etc. We will then quickly discuss approaches for organizations like these to gain a broad understanding of their attack surface, including unmanaged IoT devices and all the IP-based equipment that are now part of the production and distribution processes. We will wrap things up with a few anonymized case studies of threats that targeted this environment. Eric will walk the audience through the hunting, detection and investigation processes followed while combating everything from early stages of ransomware to uncovering exposed IoT devices and from botnets and malicious browser extensions that steal data to cryptocurrency mining.
Attend this session to learn about:
- Tools, techniques and tactics attackers use to target media and entertainment companies;
- Defensive controls used by the most mature security teams within media and entertainment;
- Tips and tricks for enhancing your own threat hunting / detection and response processes to combat the new threat landscape media and entertainment organizations are exposed to.
and
Roundtable Topic: Tales from the Trenches while Hunting for Threats in Media and Entertainment
Description: Q&A Session
and
Roundtable Topic: Securing SMPTE ST 2110 Systems
Description: Securing SMPTE ST 2110 systems is becoming an important issue since it adds new ways that your facility can be attacked. For example, an attacker could disable your SMPTE ST 2059/Precision Time Protocol (PTP) infrastructure, crippling your facility. Tackling security may seem like a daunting challenge. Many users and equipment vendors do not know where to start. Coming learn and discuss practical information on securing your ST 2110 systems.
Eric Poynton, Systems Engineer for Awake, the NDR security division of Arista, will share real-world experiences from threat hunting in one of the world's largest media and entertainment corporations.
Leigh Whitcomb, Architect, Imagine Communications will share information from his 2021 April SMPTE Journal article “A Practical Guide to Securing SMPTE ST 2110 Systems and What Standards Organizations Are Doing to Help” https://ieeexplore.ieee.org/document/9395676
