A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


The Malware Management Framework, a process you can use to find advanced malware. We found WinNTI with it! - Michael Gough, Ian Robertson Derbycon 2013 (Hacking Illustrated Series InfoSec Tutorial Videos)

The Malware Management Framework, a process you can use to find advanced malware. We found WinNTI with it! - Michael Gough, Ian Robertson
Derbycon 2013

Description: “Both CXO’s and technical staff should attend this talk. You can throw lots of time and money at scanning your systems for unknown malware, but the reality is that you will only identify a small portion of the bad stuff. Changing the way you approach managing your systems by using this process will help you find malware. In this presentation we will introduce you to the “Malware Management Framework”, a repeatable process that can identify the most advanced malware on Windows based systems without signatures or the need to understand anything about the malware. This isn’t whitepaper fluff, this is the real deal straight from the professionals who have dealt with some of the nastiest stuff in the real world, defending real environments. This presentation will discuss the current state of malware, the problems with current detection methods and share a new process that anyone can setup to assist in malware discovery and remediation. If malware is a concern in your environment, you need to attend this talk and take away actionable information you can begin using immediately. JUSTIFICATION: Anti-Malware and malware detection and prevention solutions currently on the market are failing in detecting today’s advanced malware. There are over 110 million new pieces of malware discovered in 2012. AV-Test.org has already listed 60 million new malware between Jan-May 2013, exceeding malware numbers for all 2011! The “Malware Management Framework” and this presentation will teach IT and security professionals how to setup a program to easily and inexpensively detect the most sophisticated malware on their systems, or validate a system is malware free. This approach will save significant dollars on Incident Response and allow companies to move forward after an incident and not be paralyzed by the event. This is not a traditional forensics talk, this is a new innovative methodology proven by the speakers in their current environment with WinNTi and other advanced malware.”

Bio: Ian and Michael, aka the “Thoughtful Hackers”, are security professionals and researchers. The duo’s responsible disclosures involve cardkey system exploits and vulnerabilities with leading application whitelisting and file integrity products. Michael’s background includes 20 years of security consulting for Fortune 500 organizations and running BSides Texas. Ian’s background includes security, networking and software development, and was a former CISO for the State of Texas. Now Ian and Michael defend against malefactors and ne’er-do-weller’s trying to do nefarious things and trying to p0wn their employer’s assets.

Back to Derbycon 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast