Malware Analysis: What’s the Point?

Подробнее о видео

SANS Cyber Threat Intelligence Summit 2023

Malware Analysis: What’s the Point?
Tony Lambert, Sr. Malware Analyst, Red Canary

While there are many resources available on "how" to analyze malware, there are far fewer resources regarding "why" to analyze malware. This talk will focus on helping malware analysts and organizations understand the role malware analysis plays in a larger intelligence capability. To highlight this role, we'll discuss how malware analysis demystifies malware capabilities to clarify the events of security incidents, how analysis produces more reliable attribution of events to specific adversary tools, and improved detection outcomes. Attendees can expect to learn how malware analysis compliments documentation that may be flawed from traditional monitoring tools. They can expect to learn how analysis provides a clearer picture when multiple malware families are combined in a single attack. Finally, they can expect to learn how analysis takes open-source intelligence and digs deeper into documented details to find detection ideas that others haven't yet published.

View upcoming Summits:
Download the presentation slides (SANS account required) at