Fresh Prints: Malware Behaving Badly


Presented as a webinar on February 18, 2010.

During this Fresh Prints presentation, MANDIANT’s Peter Silberman and Michael Graven discussed malware behavior and its traits, including mass malware and malware used by the Advanced Persistent Threat (APT).

This webinar focuses primarily on how one can quickly and easily identify malware using memory analysis tools, such as Memoryze and Audit Viewer, incorporating MANDIANT’s Malware Rating Index (MRI). Integrating content from MANDIANT’s M-Trends report, described as a ‘must read’ by top industry insiders, it gives attendees information on addressing new behaviors and compares APT and mass malware behaviors.

A live demo is shown during the webinar that uses actual samples from previous incident responses. This is a good opportunity to see MANDIANT tools in action.

In the webinar, we referred to several resources:

About the speakers

Michael Graven is a director at MANDIANT. Like all MANDIANT consultants, he chases network bad guys through Fortune 500 companies, governments, and financial institutions. Michael earned degrees at Northwestern University and Stanford University. He has worked on internetworks and system security since 1989, in environments ranging from as large as AT&T and Netscape to as small as twenty-person startups. He is a native Californian and a snowboarder, but he does not surf.

Peter Silberman works at MANDIANT on the product development team. For a number of years, Peter has specialized in offensive and defensive kernel technologies, reverse engineering, and vulnerability discovery. He enjoys automating solutions to problems both in the domain of reverse engineering and rootkit analysis. Although he is college educated, Peter does not believe formal education should interfere with learning.