BSidesCharm2025

JMP Into Malware Analysis
2025-04-13, Track 1

We all know that the daily life of a cybersecurity analyst often requires you to branch out into left field and learn a completely new skill on the fly. Join me as I introduce you to some of today's go-to tradecraft for static, dynamic, and code-level analysis so that you can begin analyzing artifacts of interest with ease.
Roughly a year ago, I had zero experience analyzing malware. If you had asked me how to go about it, I probably would've answered "uh, strings and Ghidra?" (Hey, not too bad!) One day, after making an "interesting" discovery at my job, it suddenly became a lot more important to me to try to understand as much as I could in the shortest amount of time possible. Learning about static, dynamic, and code analysis against a variety of Windows and Linux samples expanded my arsenal of open-source tools. When simply identifying the presence of malware wasn't enough, tools like Volatility, Ghidra, and x64dbg sent me down a rabbit hole to understand malware's capabilities and sophistication. Today, I am by no means a seasoned analyst, but I feel confident in my ability to identify, characterize, and begin to understand a given sample on the fly in a working environment. I want to introduce you to my favorite tools and provide you with a playbook on how I begin triaging... with minimal Assembly!

A junior cybersecurity analyst, graduate of Auburn University, and GIAC certification holder with 3 years of professional experience. When I'm not asking you about your home network or cringing at bad password policies, I'm probably exploring the DMV or sitting on a beach somewhere.