Learning From The Adversary: Automated Malware Analysis For The Win! | SANS@MIC Talk

Dean highlights the basic to intermediate approaches for malware analysis for IT and ICS environments. Four methodologies are reviewed. The focus is on quick triage to scope cyber incidents and gathering indicators of compromise (IOCs) for practical defense. The talk is geared towards new or existing organizations looking to augment their defenses by gleaning actionable intelligence from the adversary's Malware. whether you deploy a fully automated system or just have one keen employee empowered to hunt for evil - a small investment Speaker Bio Dean Parsons is a SANS instructor for ICS515: ICS Active Defense and Incident Response, a member of the SANS/GIAC advisory board, an active member of the cybersecurity community, and OT Cyber Security Officer. With 20 years combined experience in IT, Industrial Control System cyber defense across the telecommunications to critical infrastructure sectors, Mr. Parsons lead's an active ICS Cybersecurity Program for an electric utility in Canada across facilities for generation (hydro, thermal, gas turbine), transmission and distribution. As an ICS security practitioner and ambassador for safety and operational resilience, he frequently speaks at high-profile cybersecurity events across North America, and has a natural way of engaging his audience. His enthusiasm in the field started at an early age writing ethical hacking tools on his custom compiled versions of Linux; password crackers, host-based intrusion detection systems, network sniffing tools, smart port scanners, kernel modules and exploits. Any given day Dean could be dissecting packets from plant operations, writing policies, or presenting to a board of directors. Dean earned a bachelor’s degree in computer science from Memorial University of Newfoundland and holds the CISSP, GSLC, GCIA and GRID accreditations.