The State of Malware Analysis: Advice from the Trenches

  • Tuesday, September 3rd, 2019 at 3:30 PM EDT (19:30:00 UTC)
  • Lenny Zeltser, Jake Williams, Anuj Soni, Jim Clausing, Evan Dygert
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account.

Overview

When investigating an incident, we seek useful, actionable information about the malicious software discovered on the affected systems. What tools and techniques can assist with such efforts? Experienced incident responders, who also teach the FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques course, will share perspectives on the state of malware analysis.

What malware analysis approaches work well? Which don't? How are our tools and methodologies evolving? Join this unique online panel session to hear from:

  • Jim Clausing: Security Architect at AT&T and Internet Storm Center Handler (Panelist)
  • Evan Dygert: Senior Security Engineer for Blue Cross Blue Shield Association (Panelist)
  • Anuj Soni: Senior Threat Researcher at Cylance (Panelist)
  • Jake Williams: Principal Consultant and Founder at Rendition InfoSec (Panelist)
  • Lenny Zeltser: CISO at Axonius and Maintainer of the REMnux distro (Moderator)

This webcast offers a rare opportunity to hear from these industry practitioners in a single session and learn from their insights on the current state of malware analysis. If you join the live event, you'll also get a chance to ask questions that will strengthen your malware analysis powers.

Speaker Bios

Jim Clausing

Jim has over 35 years of experience in the IT field including systems and database administration, and security and research in parallel processing and distributed systems. He's spent the past 20 years as a technical consultant and network security architect for AT&T doing malware analysis, forensics, incident response, intrusion detection, system hardening, and botnet tracking.


Evan Dygert

Evan Dygert is a consultant (Dygert Consulting, Inc.) with over 30 years of experience in software development in areas including compilers, databases, finance, insurance, computer networking and security, and software security. He is experienced in many computer languages including Java, Pascal, C/C++, assembly language, and Python. Since 2005, Evan has also performed digital forensics, computer security and expert witness work. Evan has written expert reports, affidavits, and declarations and testified in multiple depositions, a federal hearing, and a trial. Evan has presented at BSides Orlando, SANS@Night, OWASP AppSec USA and the (ISC)2 Security Congress. He has earned 15 GIAC certifications, including the prestigious GSE. In addition he holds the CISSP, CCE, and CEHv8 certifications. Evan enjoys teaching others about security and mentors local high school CyberPatriot teams. His teams have competed in the CyberPatriot National Finals three times. Evan earned a B.S. in Computer Science from Brigham Young University, an MBA from Rollins College, and has completed the coursework for a Ph.D. in Computer Information Systems and will earn his Ph.D. upon completion of the dissertation.


Anuj Soni

Anuj Soni is a senior incident responder at a DC-based consulting firm. Anuj manages and executes specialized incident response techniques to detect, respond to, and mitigate sophisticated threat actors across commercial and government networks. He uses his skills in conducting host-based forensics, malicious code analysis, and advanced threat risk assessments to help clients improve their security posture. He has over 8 years of experience in incident response, forensics, malware analysis, penetration testing, and steganalysis. Anuj received his Bachelor's and Master's from Carnegie Mellon University and holds the following certifications: GIAC Reverse Engineering Malware (GREM), EnCase Certified Examiner (EnCE), and Certified Information Systems Security Professional (CISSP).


Jake Williams

Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.


Lenny Zeltser

Lenny has written his share of cybersecurity reports and other content during his tenure in the industry. He'll share with you the writing tips he has picked up along the way. Lenny is a senior faculty member at SANS and CISO at Axonius. Earlier in his career, he served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania. He blogs at zeltser.com/blog.
