A system within your network is confirmed to be infected with malware. How can you go from detecting an infection to operationalizing indicators gleaned from that infection across your environment? How can you use indicators from OSINT to detect further compromise? This talk will discuss various techniques utilizing YARA to discover additional compromised hosts, identify similar malicious binaries, and parse other mediums for indicators of compromise.
Bio: Chad Robertson is a cyber security research analyst with Fidelis Cybersecurity Solutions. Chad has been a part of the incident response, security engineering, and forensics field for over 10 years. He has provided incident response training and authored incident response course material. Chad focuses much of his research on reverse engineering and malware analysis. He has a Bachelors of Science from Purdue University.
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek