Dissecting Malware for Defense - Crafting Custom Yara Rules

Presented at DEF CON 32 (2024), Aug. 8, 2024, 9 a.m. (240 minutes).

Threat actors skillfully deploy malware to evade detection, outmaneuvering traditional security tools. In this workshop, "Dissecting Malware for Defense - Crafting Custom Yara Rules", you'll harness the power of malware analysis and crowdsourced intelligence to build tailored Yara rules. These rules will supercharge your security systems, enabling you to detect emerging threats, enhance threat hunting, and accurately pinpoint malicious activity. This fast-paced course will guide you in mastering static and behavioral detections, empowering you to safeguard your organization. By the end, you'll expertly translate malware analysis insights into high-quality Yara rules, bolstering your defensive arsenal.

Presenters:

  • Francisco Perdomo - Security Engineer, VirusTotal Research Team at Google
    Francisco is a skilled security professional with a strong background in detection engineering and a keen interest in reverse engineering. With extensive blue team experience, he currently works as a Security Engineer on Google's VirusTotal Research team, where he leverages his operational expertise to investigate malware trends and create insightful technical content. Francisco's background includes roles as a SecOps Engineer and Professor of Computer Security.
  • Josh Stroschein - Reverse Engineer, FLARE team at Google
    Josh is an experienced malware analyst and reverse engineer with a passion for sharing his knowledge with others. He is a reverse engineer on the FLARE team at Google, where he focuses on tackling the latest threats. Josh is an accomplished trainer, providing training at venues such as Ring Zero, BlackHat, Defcon, Toorcon, Hack-In-The-Box, Suricon, and other public and private events. Josh is also an author on Pluralsight, where he publishes content on malware analysis, RE, and other security topics.