Enterprises need a way of deriving meaningful threat intelligence from malicious software they discover during incident response. What’s the role of automation in such research? When is there a need to analyze malware manually, going beyond automated tools? When should we do this in-house and when outsource? What tools and techniques are most useful for examining malware in a modern enterprise?
Learning Objectives:
1: Understand the objectives and benefits of analyzing malware during incident response.
2: Learn the role that automated analysis tools play in deriving threat intelligence from malware.
3: Determine how and when to perform malware analysis manually to go beyond automated findings.