|
Title: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: don on July 02, 2010, 02:34:19 PM An eager EH-Netter was recently at a SANS event and took the opportunity to interview a forensics expert. Good thing for all of you, that I accepted his submission. Hope you enjoy.
Permanent link: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute (http://www.ethicalhacker.net/content/view/317/2/) Quote By Jamy Klein, MSIA, CISSP According to Panda Labs over 25 million new pieces of malware were released into the wild in 2009. 2010 is expected to be even worse. In addition to sheer volume, malware is becoming more sophisticated and targeted as a result of the influx of organized crime and state sponsors into the realm of malware authoring. Due to this unsavory trend, the SANS Institute has developed a course, Reverse-Engineering Malware: Malware Analysis Tools and Techniques AKA FORENSICS 610 (http://www.sans.org/info/61123), to help white hats that need essential malware analysis skills and also to prepare security professionals for the GIAC Reverse Engineering Malware (GREM) certification. SANS describes FOR610, as: “Teaches a practical approach to examining malicious software that runs natively on Microsoft Windows, and covers web-based malware such as JavaScript and Flash files. You will learn how to reverse-engineer malicious programs using a variety of system and network monitoring utilities, a disassembler, a debugger, and other tools for turning malware inside-out.” In my work as a Security Engineer, I am frequently asked to analyze web sites and file downloads for potential infection. This course filled both a professional need and personal interest need for me in malware analysis. After attending the 4-day course (now officially a 5-day course) at SANS Security West 2010 in San Diego, I sat down with the course author and instructor, Lenny Zeltser, to discuss his background, the course and malware analysis in general. Thanks Jamy and Lenny, Don Title: Re: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: aweSEC on July 03, 2010, 02:40:13 PM Nice interview.. GREM is certainly something on my list I'd like to go for sooner or later. However, what I often wonder is why I so often read something like 'no programming knowledge required' or the other way round, that security professionals ask if programming skills are required for a certain course or exam. Of course there are areas in security where one have more or less to deal with programming, however, I think that a security professional should have some kind of programming knowledge, independently on the area one has focused to.
Title: Re: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: Bane on July 03, 2010, 09:49:22 PM Nice interview.. GREM is certainly something on my list I'd like to go for sooner or later. However, what I often wonder is why I so often read something like 'no programming knowledge required' or the other way round, that security professionals ask if programming skills are required for a certain course or exam. Of course there are areas in security where one have more or less to deal with programming, however, I think that a security professional should have some kind of programming knowledge, independently on the area one has focused to. It really depends on what you define as programming knowledge. I can read enough of it to undestand what most routines do, but could I write a realtion databgase management system or other complex application from scratch? Absolutely not. What SANS and Lenny are trying to say by that statement is that you don't need to be a developer or have completed a prgramming degree to take the course or gain a weatlh of knowledge from the course. Jamy Title: Re: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: Equix3n- on July 05, 2010, 11:10:13 AM Nice interview. I think that as much as this interview was on Lenny's views on malware analysis, it also focused on what resources, apart from the course, would help a complete beginner to get started in this field. Lenny shared some good links.
Title: Re: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: don on July 05, 2010, 11:17:08 AM Also be on the lookout for a full course review coming soon!
Don Title: Re: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: Equix3n- on July 05, 2010, 11:22:41 AM That's good. Is the review for the 4-day class or the newer 5-day syllabus?
Title: Re: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: don on July 05, 2010, 12:05:48 PM Justin Kallhoff of Infogressive is putting the finishing touches on the 5-day course review.
Don Title: Re: [Article]-Interview: Lenny Zeltser of Savvis and SANS Institute Post by: KDPryor on July 10, 2010, 07:29:20 PM Good interview! I've been checking out Lenny's website quite a bit lately and would love to take his course. My job doesn't require it and won't pay for it, so it'll be awhile before I can afford to go. It's more of a personal interest than anything. I recommend watching the intro to malware video available on his website, it really gives you a great idea of how to start.
Ken
Powered by SMF 1.1.16 |
SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com |