Join Didier Stevens (NVISO) for a typical day in the life of a malware analyst.
Following the malware response cycle, the analyst is first informed that (potential) malware has been detected.
Then a decision must be made whether or not to analyze the malware. After the analysis, appropriate actions are taken.
This session requires no prior knowledge of malware or anti-virus. Didier will explain the different steps, the different types of malware, and how they can be analyzed. A couple of short malware analysis demos will be given to illustrate the process.
Didier Stevens (Microsoft MVP, SANS ISC Handler, GREM - GIAC Reverse Engineering Malware, ...) is a senior analyst with NVISO (https://www.nviso.be) active for 15+ years in security teams of Belgian financial corporations.
Didier Stevens is a pioneer in malicious PDF document research and malicious MS Office document analysis, and has developed several tools to help with the analysis of malicious documents such as PDF and MS Office files. You can find his open source security tools on his IT security-related blog, http://blog.DidierStevens.com.