The Best Online Cybersecurity Training in the World - SANS OnDemand

Sharpen Your Threat Hunting Capabilities with YARA

  • Wednesday, June 20th, 2018 at 3:30 PM EDT (19:30:00 UTC)
  • Matt Bromiley, Evan Derheim and Victor Manuel Alvarez
This webcast has been archived.

Sponsor

  • Google LLC

Overview

YARA is an open-source tool designed to help malware researchers identify and classify malware samples, both proactively for future samples and retrospectively for past ones. With YARA, you can create pattern-based rules to analyze malware families. Whether you are new to YARA or an advanced user, we will share best practices for building rules and help you level up your threat hunting capabilities.

This year is YARA's 10th anniversary. What better way to celebrate than by learning more about this proactive threat hunting tool!

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.


Evan Derheim

Evan is a Customer Experience Engineer for VirusTotal. Before coming to VirusTotal, he worked at both NASA’s security operation center and NASA’s supercomputing facility. An entrepreneur at heart, he has started two technology-centric businesses. He earned his BS studying information systems at San Jose State University. When he’s not dabbling with new business ideas, he enjoys watching Bay Area sports teams and working out.


Victor Manuel Alvarez

Victor is a Senior Software Engineer for VirusTotal and the creator of the malware hunting language, YARA Rules. He was an experienced Antivirus Researcher with strong abilities in reverse engineering and low-level programming and debugging. He has experience with a broad range of programming languages and technologies and a deep understanding of operating system internals and Intel's processors.
