Top Cybersecurity Instructors and Best Offers of the Year Available Now - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Using Anti-Evasion to Block Stealth Attacks with Minerva Labs

  • Thursday, December 07, 2017 at 1:00 PM EST (2017-12-07 18:00:00 UTC)
  • Lenny Zeltser, Eric Cole, PhD


  • Minerva Labs

You can now attend the webcast using your mobile device!



Successful attackers routinely use evasion to evade baseline anti-malware tools and ultimately compromise endpoints. Evasion techniques involve shunning automated analysis environments, concealing malicious code inside document files that exist solely in memory of otherwise-legitimate applications. How can enterprises prevent such intrusions without relying on after-the-fact detection?

This webcast will explain a unique approach to preventing evasive malware from infecting endpoints. Learn how Minerva's Anti-Evasion Platform automatically blocks threats without ever scanning files or processes. Instead, it simulates an environment in which malicious software "decides" not to run or is otherwise rendered ineffective. After the malware fails to execute, Minerva captures useful, and often never-before-seen, threat intelligence that enterprises can integrate with other security functions.

In addition, see how Minerva's solution stands up against a series of attack technologies that attempt to bypass anti-malware tools, including forms of:

  • Ransomware
  • Fileless or in-memory attacks
  • Advanced backdoors
  • Malicious document files

SANS Reviewer Eric Cole, PhD, will explain the types of malicious software that succeeded at bypassing traditional and next-generation endpoint security tools. He will share his findings regarding the ability of Minerva's Anti-Evasion Platform to block such evasive threats. He will also discuss how Minerva's solution interacted with other endpoint security controls to stop attack attempts and derive new intelligence.

Attend this webcast and be among the first to receive access to Eric Cole's accompanying white paper about combating evasive malware.

View the associated white paper here.

Speaker Bios

Eric Cole, PhD

Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.

Lenny Zeltser

Lenny is senior faculty member at SANS and CISO at Axonius. Earlier in his career, he served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania. He blogs at

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.