Showing posts with label incident response.

Monday, August 24, 2020


Learn how malware operates so you can defend yourself against it

TL;DR: VirusTotal is hosting an APJ webinar on August 27th showcasing our advanced threat enrichment and threat hunting capabilities. Register for the webinar; it is free.

Following the EMEA webinar that we recently conducted (watch on demand if you missed it), we want to spread the word about all the features and capabilities your team can take advantage of with VirusTotal. Our mission is to improve security for billions of users by coordinating and empowering distributed security teams, acting as the nexus of the security industry, and it is with you, our community of users, that we are able to execute on it.



Join our upcoming webinar “Advancing Threat Intelligence & Hunting with VirusTotal”, where we will run you through a detailed and comprehensive overview of VirusTotal Intelligence and Hunting capabilities. This will showcase the search capabilities within VirusTotal that help sift through the vast amount of malware, determine how it may be pertinent to your organization, and track the threat for future variants. An investigation can start from IoCs with little context; an analyst who leverages the data in VirusTotal can uncover additional variants and the techniques attack groups may be utilising. Learn how VirusTotal can supercharge your team in regards to:

  • Security threat enrichment
  • Incident response
  • Threat hunting
  • Fraud and brand protection
Specifically, among other things, you will understand how:
  • A SOC level 1 analyst can use static information, crowdsourced metadata and inter-observable relationships generated by VirusTotal in order to confidently act on an alert, even when the pertinent IoC is fully undetected.
  • An incident responder can leverage file similarity search in order to map out an entire threat campaign and generate network IoCs to mitigate a breach or proactively defend his organization.
  • You can identify variants and other threats to augment your organization’s prevention and detection capabilities.
  • You can uncover vectors which adversaries may be using to target your organization and your customers.
  • A threat hunter can automatically generate optimal YARA rules to track adversaries and pivot through the dataset to discover their TTPs.
Knowledge is power: learn how malware operates so you can defend yourself against it.

Stay positive, remain resilient, fight the bad guys.

Wednesday, May 27, 2020


I did not know you could do X, Y, Z with VirusTotal

TL;DR: VirusTotal is hosting an EMEA webinar on June 4th showcasing our advanced threat enrichment and threat hunting capabilities. Register for the webinar; it is free.

“I did not know you could do X, Y, Z with VirusTotal”: this is the most common feedback that we hear from our users whenever we jump on calls, run demos or give a talk at conferences. Our mission is to improve security for billions of users by coordinating and empowering distributed security teams, acting as the nexus of the security industry, and it is with you, our community of users, that we are able to execute on it.


Join our upcoming webinar “Supercharging Your Security Operations with VirusTotal”, where we will run you through a detailed and comprehensive overview of how VirusTotal can step up your security operations, from SOC Level 1 analysts confronted with IoCs for which they have very little context, to advanced threat hunters tracking state-sponsored attacks. Learn how VirusTotal can supercharge your team in regards to:

  • Security threat enrichment
  • Incident response
  • Threat hunting
  • Fraud and brand protection
Specifically, among other things, you will understand how:

  • A SOC level 1 analyst can use static information, crowdsourced metadata and inter-observable relationships generated by VirusTotal in order to confidently act on an alert, even when the pertinent IoC is fully undetected.
  • An incident responder can leverage file similarity search in order to map out an entire threat campaign and generate network IoCs to mitigate a breach or proactively defend his organization.
  • A threat hunter can automatically generate optimal YARA rules to track adversaries and pivot through the dataset to discover their TTPs.
  • A threat intel analyst can pivot over URLs, domains and IPs to burn down threat campaigns not by studying the malware itself, but rather the CnC panels controlling it, and can extend that pivoting to uncover the specific threat actor operating a given cybercrime malware family.
  • An ecrime/anti-fraud analyst can leverage network infrastructure searches to study phishing campaigns against a financial institution, and extend those searches into the file corpus in order to identify fraudulent apps impersonating his organization.
  • Automate all of the above and start thinking about live data enrichment to step up your onion-layered security model and complement your security stack.
Knowledge is power: learn how malware operates so you can defend yourself against it.

Stay positive, remain resilient, fight the bad guys.