In my recently released book Facing Cyber Threats Head On, I spend a lot of time discussing how contemporary cyber security is just as much about stopping people (the attackers) as it is about stopping malware. When you look at it, stopping people is a different problem and requires a different approach than stopping malware. At the end of the day, people create and adjust strategies based on what they experience. Computer programs do not.
There are many tricks to the tradecraft when analyzing unknown binaries, and it requires constant honing of skills to stay on top of the latest malware and campaigns. Solving reverse-engineering challenges is one way to keep your skills sharp. In our previous post, we discussed some tips from the Flare-On Challenge.
By participating with AMTSO, Endgame works to advance testing standards for next-gen security technologies.
Arlington, VA - January 13, 2017 - Endgame, a leading endpoint security platform closing the protection gap against advanced attackers, announced today that it joined the Anti-Malware Testing Standards Organization (AMTSO). Participation in AMTSO furthers Endgame’s mission to develop scientifically objective and statistically significant third-party testing methodologies for next-gen security products.
On December 29, 2016, the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint analysis report (JAR) detailing, in their words, “tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities”.