Syllabus
Intro
WHAT ARE WE DOING?
FULL DISCLOSURE
OVERVIEW
MALWARE - POS
MALWARE - DROP SPOT
MALWARE - FINAL EXFILTRATION
THREAT SCORE?
STATIC & DYNAMIC
STATIC ANALYSIS
STATIC - SECTIONS
STRING ANALYSIS
DYNAMIC ANALYSIS
PROCESS MANAGEMENT
PROCESS CREATED
FTP PACKETS
IP SCANNER
WHAT DID WE LEARN?
EASY TO USE
DETECTION OBSESSION
VM EVASION
TO CONSIDER
RIGHT TOOLS FOR THE JOB?
ECON 101
WHEN TO USE A TOOL?
WHEN NOT TO USE A TOOL?
CAN SECURITY BE AUTOMATED?
SO SHOULD I BUY A SANDBOX OR WHAT BUDDY?
ARMS RACE
EVOLVE OR DIE
TRAINING
TECHNOLOGY ISN'T THE ONLY WAY
WHAT'S RIGHT FOR YOUR ORGANIZATION?