Defensive Security Podcast Episode 118

3 thoughts on “Defensive Security Podcast Episode 118

  1. Hey guys, great show as usual.

    Here is how I’m planning to deal with the look-alike domains discussed in the show.

    On my inbound email system I’m going to use a regex string to detect partial matches to the domain I’m trying to protect in the sender address and message body (for links).

    For example, if I’m attempting to protect the domain I’d match on any sender string that contains “@de” and ends with “” (obvious tweaking necessary for message body and links, etc).

    For messages that meet this match I’ll alert our SecOps and include a Warning in the subject line or maybe defang the link altogether.

Leave a Reply