Overview
Explore the power of cloud-based malware scanning with KLara, a high-speed Yara scanner, in this HITB Security Conference talk. Learn how this open-source tool revolutionizes malware research by enabling rapid scanning of large virus collections. Discover KLara's architecture, featuring multiple workers coordinated by dispatchers, and its impressive scanning speed of 2 GB/s per server. Gain insights into the project's history, use cases, and features, including its ability to run 60 Yara scans simultaneously. Understand the technical aspects of KLara, such as authorization levels, repository control, and file system optimization. See a live demonstration of the tool and learn how to set up your own cloud-based Yara scanner using the publicly available GitHub repository.
Syllabus
Introduction
Quote
Background
About KLara
KLara's 10-year history
KLara's favorite APT campaigns
Information War
Yara
What is KLara
Three simple principles
The backend
Open source
Installation
Submit New Job
Dashboard
Technical Information
Authorization Levels
Groups
Rules
Repository Control File
Redirect paths
Scan multiple entries
Rewrite output paths
Sharing
Performance
Storage
SSD Wear
Scanning Speed
Internal Use
KLara Training
File System Optimization
Automatic Job Submission
KLara Online Scanner
Rerun jobs
Taught by
Hack In The Box Security Conference