Advanced Malware Threat Hunting and Investigation with VirusTotal Intelligence

  • Tuesday, April 24th, 2018 at 1:00 PM EDT (17:00:00 UTC)
  • Matt Bromiley and Shapor Naghibzadeh
This webcast has been archived.

Sponsor

  • VirusTotal

Overview

Malware continues to be a significant threat to organizations, causing damage on its own or as the tip of the spear for compromised-credential attacks. VirusTotal Intelligence provides a set of advanced capabilities for malware-focused threat hunting and investigation. Threat researchers and analysts can use these capabilities to find and shut down new malware attacks before they cause damage. This webinar will present an end-to-end methodology for investigating a newly discovered malware sample, beginning with a blog post and file hash, and ending with updated internal security infrastructure. The presenter worked in Google Security engineering and threat analysis for over a decade and has significant experience performing this type of investigation.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS Certified Digital Forensics and Incident Response instructor, teaching Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508) and Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (FOR572), and a GIAC Advisory Board member. He is also a principal incident response consultant at a major incident response and forensic analysis company, combining experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.


Shapor Naghibzadeh

Shapor Naghibzadeh has worked in Google engineering for 11 years, and is currently a Senior Engineering Lead within the Chronicle team. He guides product design from the view of a hands-on threat response analyst. Prior to co-founding Chronicle, Shapor was a founding member of Google's Threat Analysis Group, designed to identify and disrupt targeted attacks against Google and its users. He designed, built, and maintained systems to enable this, including Google-scale malware and log analysis and indexing systems. Shapor has a BS degree in Computer Engineering from the University of Illinois at Chicago.
