2 Days Left! iPad Pro including Smart Keyboard, $400 Off, or ASUS Chromebook w/ Online Training!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Using Anti-Evasion to Block Stealth Attacks with Minerva Labs

  • Thursday, December 7th, 2017 at 1:00 PM EST (18:00:00 UTC)
  • Eric Cole and Lenny Zeltser
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Minerva Labs

You can now attend the webcast using your mobile device!

Overview

Successful attackers routinely use evasion to evade baseline anti-malware tools and ultimately compromise endpoints. Evasion techniques involve shunning automated analysis environments, concealing malicious code inside document files that exist solely in memory of otherwise-legitimate applications. How can enterprises prevent such intrusions without relying on after-the-fact detection?

This webcast will explain a unique approach to preventing evasive malware from infecting endpoints. Learn how Minerva's Anti-Evasion Platform automatically blocks threats without ever scanning files or processes. Instead, it simulates an environment in which malicious software "decides" not to run or is otherwise rendered ineffective. After the malware fails to execute, Minerva captures useful, and often never-before-seen, threat intelligence that enterprises can integrate with other security functions.

In addition, see how Minerva's solution stands up against a series of attack technologies that attempt to bypass anti-malware tools, including forms of:

  • Ransomware
  • Fileless or in-memory attacks
  • Advanced backdoors
  • Malicious document files

SANS Reviewer Eric Cole, PhD, will explain the types of malicious software that succeeded at bypassing traditional and next-generation endpoint security tools. He will share his findings regarding the ability of Minerva's Anti-Evasion Platform to block such evasive threats. He will also discuss how Minerva's solution interacted with other endpoint security controls to stop attack attempts and derive new intelligence.

Attend this webcast and be among the first to receive access to Eric Cole's accompanying white paper about combating evasive malware.

View the associated white paper here.

Speaker Bios

Eric Cole, PhD

Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.


Lenny Zeltser

Lenny Zeltser is a senior faculty member at SANS Institute (https://sans.org) and VP of Products at Minerva Labs (https://www.minerva-labs.com). Earlier in his career, Lenny served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania. He blogs at zeltser.com (https://zeltser.com/blog).

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.