
Introduction to Behavioral Analysis of Malicious Software

  • Monday, September 30th, 2013 at 1:00 PM EDT (17:00:00 UTC)
  • Lenny Zeltser
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account.


Knowing how to analyze malware has become a critical skill for incident responders and forensic investigators. A good way to get started with such efforts involves examining how malicious software behaves in a controlled laboratory environment. In this introductory briefing, Lenny Zeltser demonstrates key aspects of this process, walking you through behavioral analysis of a malware specimen by using several free tools.

You will see practical techniques in action and understand how behavioral analysis of malware will help you to triage the incident to assess key capabilities of the malicious software. You will also learn how to determine ways of identifying this malware on systems in your environment by establishing indicators of compromise (IOCs). Join this briefing to start learning how to turn malware inside out! It'll be fun.

Speaker Bio

Lenny Zeltser

Lenny Zeltser is a seasoned IT professional with a strong background in information security and business management. As a Product Management Director at NCR Corporation, he focuses on safeguarding IT environments of small and midsize businesses worldwide. Before NCR, he led an enterprise security consulting team at a major IT hosting provider.

Lenny's most recent work has focused on malware defenses and cloud-based services. He teaches how to analyze and combat malware at the SANS Institute, where he is a senior faculty member. He also participates as a member of the board of directors at the SANS Technology Institute and volunteers as an incident handler at the Internet Storm Center.

Lenny frequently speaks on security and related business topics at conferences and industry events, writes articles, and has co-authored books on forensics, network security, and malicious software. He is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation. Lenny has an MBA degree from MIT Sloan and a computer science degree from the University of Pennsylvania. You can learn more about Lenny's projects on his personal website and blog.
