Reverse Engineering Intrusions and Infections: How Malware Can Educate Us About Our Adversaries
Although zero-day malware is relatively uncommon, most attacks do employ some form of purpose-built software to establish residency and "act" within our networks. By deconstructing and analyzing this code, we can gain great clarity into exactly how our adversaries operate. We can use such clues as hard-coded command-and-control IP addresses, communication mechanisms and general toolset functionality to build a picture of how an attack will be conducted. Coupling that information with analysis of infected hosts and associated network traffic provides insights that aid in detecting the behavioral patterns of an attack, instead of relying on code signature-based detection, which has been proven to fail as a single line of defense.
In this session we'll hear from a leading data and cyber analytics company about its methods for extracting valuable information from malware, host, and network traffic, and using this information to defeat attacks.