Enterprise businesses need malware analysts
Credit to Author: Nikolay Pankov| Date: Wed, 08 Nov 2017 10:08:26 +0000
Most modern, enterprise-level companies understand the menace of cyberthreats to business. Some of them have tried to solve cybersecurity problems with the help of system administrators and security software, but today, more and more companies have realized the need for in-house experts and even security operations centers (SOCs).
One of the reasons more businesses are coming around is that modern attacks on business infrastructure are now carried out by atypical means. Attackers thoroughly develop their operations and sometimes write unique malicious code for each attack. This creates several problems with identification and protection from attacks, and, worse, it seriously complicates investigation. But to protect a company’s data, or at least to minimize the harm caused by an attack, sometimes you need to conduct a full analysis of the malicious activity without delay.
That is why true cybersecurity experts must be skilled at, among other things, advanced static analysis. This process allows analysts to produce high fidelity descriptions of executable code regardless of execution flow and tricky runtime checks. It enables them to produce an extensive set of actionable items, including lists of C&C servers, file and memory signatures, crypto-implementations, and more.
Of course, information of that kind is not easy to come by, but we know one place where you can find it: the annual Security Analyst Summit, which will take place this year in March in Cancún, Mexico.
Prior to the conference, our experts will hold several training sessions, including “The God-Mode Practical Training in Static Analysis of APT Malware.” The course will cover most of the steps required to analyze a modern APT toolkit, from receiving the initial sample all the way to producing a deep technical description with IOCs. The course material is based on many years of experience analyzing the most complex threats ever discovered in the wild, including: Equation, Red October, Sofacy, Turla, Duqu, Carbanak, ShadowPad, and many more.
Other available sessions are:
- Hunt APTs with Yara like a GReAT Ninja
- Applied Physical Attacks on Embedded Systems
- The Good and the GReAT — Stepping up your Threat Intelligence Game
A more detailed description of the courses and prerequisites for attendance can be found on the SAS conference website. You may enroll through this website or by sending a note to sas2018@kaspersky.com. Please note that seats are limited.
Also, you can attend the Security Analyst Summit 2018 as a speaker if you have something to share with the cybersecurity community. Just send your abstract directly to sasCFP@kaspersky.com. Individual proposals should be no more than 350 words (final presentations will be no more than 20 minutes). Proposals should include the title of the paper and should clearly spell out the focus and goal of the presentation. The deadline for submissions is November 15, 2017. You can find more information and a list of our most-sought-after areas of research here.