With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. While many analysts have a grasp on how to appropriately reverse malware, there is large room for improvement by extracting critical indicators, correlating on key details, and cataloging artifacts in a way to improve your corporate response for the next attack. This talk will cover beyond the basics of malware analysis and focus on critical indicators that should analysts should focus on for attribution and better reporting.
Brian Baskin is a digital forensics professional and incident responder with The Newberry Group. When not managing incident responses, Brian is an intrusions analyst and malware analyst/reverse engineer for the Defense Computer Forensics Laboratory, part of the Defense Cyber Crime Center. For nearly 15 years Brian has worked to research, develop, and train responses to growing network threats. Brian devotes much of his time to researching malware, network protocols, and Linux and UNIX intrusion responses. He has authored numerous books on computer security and developed software to allow for more efficient intrusion and malware analysis.