2025-11-15 –, Room 402
Malware is noisy and constantly changing, but hidden in that chaos are patterns we can use to build better detections. This talk takes a look at how understanding the internals of malware, such as packing, code injection, and persistence, can give us a clearer view of attacker behavior and help us engineer detections that stick.
Instead of focusing only on signatures or chasing IOCs, we’ll dig into how to turn lessons from real malware analysis into practical, behavior-based detections. You don’t need to be a reverse engineering expert to walk away with ideas you can bring back to your SOC or detection pipeline.
The goal is simple: cut through the noise, find the signals, and use what malware teaches us to get ahead of attackers.
I’m a Detection Engineer at Cox Communications who enjoys digging into malware and turning what I learn into better detections. My main interests are cyber threat intelligence, malware analysis, and building defenses that actually work in the real world.