
This webcast has been archived. To view the webcast, log in to your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

How to Run Linux Malware Analysis Apps as Docker Containers

  • Monday, January 05, 2015 at 1:00 PM EST (2015-01-05 18:00:00 UTC)
  • Lenny Zeltser




There are wonderful malware analysis applications out there that run well on Linux; however, installing and configuring them can be quite challenging. A relatively new approach to using such tools involves running them as application containers. In this scenario, the application is packaged together with its dependencies as a Docker image, so you don't have to worry about setup or runtime problems that can occur when running the apps in a traditional manner.

In this informative webcast, Lenny Zeltser, the lead author of SANS' malware analysis course, explains how you can use malware analysis tools that are already distributed as Docker images as part of the REMnux project. These tools include Thug, Viper, Rekall, JSDetox, and others. Lenny also offers tips for packaging your favorite apps in a similar manner. He covers the following topics:

Tune in to this webcast to start learning about Docker containers, so that you can use them when examining malicious software and also better understand what application containers are and what role they might play alongside other infrastructure technologies.

Speaker Bio

Lenny Zeltser

Lenny Zeltser has written his share of cybersecurity reports and other content during his tenure in the industry. He'll share with you the writing tips he has picked up along the way. Lenny is a senior faculty member at SANS and VP of Products at Minerva Labs. Earlier in his career, he served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania. He blogs at
