
Introduction to Malware Analysis - Lenny Zeltser

Date and time: Thursday, 13 October 2016, 18:30 - 20:00
Location: Praha - NCR
Organizer: Jakub Jenis
Up Close and Personal with Malicious Code

Knowing how to analyze malware has become a critical skill for information security professionals. A good way to get started with such efforts involves examining how malicious software behaves in a controlled laboratory environment. In this session, Lenny Zeltser demonstrates key aspects of this process, walking you through behavioral analysis of a real-world Windows malware specimen by using several free tools and, time permitting, even peeking into the world of code-level analysis.

You will see practical techniques in action and understand how malware analysis will help you to triage the incident to assess key capabilities of the malicious software. You will also learn how to determine ways of identifying this malware on systems in your environment by establishing indicators of compromise.

This presentation will help you start learning how to turn malware inside out. You will:
  • Learn the most essential aspects of malware analysis in the context of incident response and forensic investigations.
  • Understand how to perform initial malware triage by extracting static properties and meta-data from the suspicious executable.
  • Know how to use freely available tools to examine the behavior of a malicious Windows executable.
  • Time permitting, get a sense for what tools and techniques are involved when examining malicious software at the code level.

Sign up at meetup.com

The presentation will be in English.

About the speaker:

Lenny Zeltser is a seasoned business and tech leader with extensive information security expertise. As a product portfolio owner at NCR, he delivers the financial success and expansion of the company’s security services and SaaS products. Beforehand, as the national lead of the security consulting practice at Savvis (acquired by CenturyLink), he managed the US team of service professionals, aligning their expertise to the firm’s cloud solutions.

Lenny helps shape global infosec practices by teaching incident response and malware defenses at SANS Institute and by sharing knowledge through writing, public speaking and community projects. He has earned the prestigious GIAC Security Expert professional designation and developed the Linux toolkit REMnux, which is used by malware analysts throughout the world. Lenny is on the Board of Directors of SANS Technology Institute and on the Advisory Board of Minerva Labs. To get a sense for his thought process and knowledge areas, take a look at http://zeltser.com/blog.

Venue: Praha - NCR

Rohanské Nábřeží 678/29 Praha 8, 18600

Rivergarden, entrance C.