Fraud Management & Cybercrime , Malware as-a-Service , Next-Generation Technologies & Secure Development
Fighting Sandbox-Evading Malware
Verizon's Ashish Thapar Shares Tips and TechniquesMalware detection needs to shift to detecting anomalous behavior, rather than depending on signature-based detection technologies to deal with such threats as sandbox-evading malware, says Verizon's Ashish Thapar.
See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation
Sandbox-evading malware detects when it's being analyzed in a sandbox and shuts down and stays dormant, he explains. "That's why it's important that when we do reverse engineering, we look at both dynamic and static analysis," he says.
In this video interview at the recent RSA APJ 2018 conference in Singapore, Thapar discusses:
- The ins and outs of the malware landscape;
- Common malware detection mistakes;
- How to effectively fight polymorphic/sandbox-evading malware.
Thapar is the managing principal, risk services - APJ, at Verizon Enterprise Solutions. His experience includes designing, implementing and managing information security management systems for organizations.