Webinar

Bob Baxley, CTO, Bastille

Bob Baxley, CTO, Bastille

Enhanced Threat Hunting to include Wireless APTs

from Cellular, Bluetooth, BLE and IoT devices

Time and again we hear “If you want to hunt threats, you have to have data.” Advanced Persistent Threats and Vulnerabilities from near-network devices using Cellular, Bluetooth or one of the many IoT protocols are invisible to most enterprise threat hunters, as few have any solution to collect the data regarding these devices. Without the data for threat hunters to investigate, the devices and threats persist, making the threat invisible.

Bastille’s threat detection capabilities allow full visibility into near-network devices operating in or close to your environment. Bastille detects the persistent threats that other enterprise threat hunters cannot detect, sending data to your SIEM and existing enterprise infrastructure to give you all the information you need to identify and locate the threat

devices by protocol.gif

Use Case: Data Exfiltration -- Mobile Devices Remaining Suspiciously Static and /or Transmitting Inside OR Outside your buildings.
When a cellular near-network device such as a cell phone comes inside your building or comes suspiciously close to your buildings, but never comes inside, the Bastille API will communicate with your SIEM to provide this data to the SOC. If the device is then static for several hours or days in an unusual location (inside or outside), and is exhibiting tell-tale signs of data exfiltration such as transmitting data, then Bastille can trigger an investigation using your existing security systems and personnel.

Bastille Threat Hunter offers constant monitoring and visibility into risks of data exfiltration from near-network devices using radio frequencies from 25 MHz to 6 GHz, this includes but is not limited to:

Bastille Threat Hunter for Near-Network Devices

Bastille Threat Hunter for Near-Network Devices

  • Cellular

  • Wi-Fi

  • Bluetooth and BLE

  • IoT protocols (Zigbee, Z-Wave, LoRa and more)

  • Plus many proprietary channels

During the webinar Bob will discuss use cases and techniques, plus demonstrate the Bastille Threat Hunter, a portable kit. Bob will also cover how Bastille integrates with enterprise infrastructure and fits within the Mitre ATT&CK framework. 

Presenter: Dr. Baxley is CTO, Bastille and former Director of the Software Defined Radio Lab at Georgia Tech (bio here). Bob is the former Director of the Software Defined Radio Lab at Georgia Tech, where he led projects on SIGINT, Electronic Warfare and Covert Communications for DoD and IC customers. During the webinar, Dr. Baxley will discuss Bastille’s research about RF and wireless based APTs and vulnerabilities. He will also demonstrate how the Bastille Threat Hunter can add unique data into your Threat Hunting systems and practice.

Who should watch:

  • Threat Hunters

  • Network and Cyber Security Professionals 

  • Network Operations Professionals

  • Anyone concerned with data exfiltration risks



Bastille In the News