Explore how malware exploits and misuses legitimate software in this 48-minute LASCON conference talk. Discover common techniques employed by malware authors to conceal their activities and evade detection. Learn about the challenges faced in forensic investigations and gain actionable insights to secure your development process. Understand the importance of creating a secure build environment, the realities of code signing, and methods for positively identifying your software. Walk away with practical strategies to protect your applications from becoming targets for malware authors and ensure third-party validation. Delve into topics such as antivirus systems, file reputation services, sandboxes, system comparisons, and the crucial role of certificates in software security.
Overview
Syllabus
Intro
Background
Typical Malware Investigation
Antivirus
File Ballot
How do you know if its good
VirusTotal
Google
File Advisor
Sandboxes
Comparing systems
HP files
Certificates
Download and Compare
How can you help
Use Trusted Third Parties
Protect Your Building Arm
Securing Your Build Environment
Protect Your Build Environment
Never Ship Infected Code
Taught by
LASCON
