I had the good fortune to attend Lenny Zeltzer’s introductory malware analysis presentation at the HTCIA Northeast chapter meeting today. I have been looking forward to attending this presentation ever since I learned about it. Lenny is an accomplished instructor and did a remarkable job explaining a complex topic like malware analysis in terms that made it very approachable for the layperson.
Lenny breaks down malware analysis into two main parts. The first part is behavioral analysis. This is where the examiner works with the malware in a safe environment to learn about it through interaction and observation. The second part is code analysis which involves using tools like debuggers to examine malware at an assembly language level. It’s important to note that knowing assembly language is not a prerequisite to becoming a malware analyst or attending Lenny’s training. That said, if you want to be excellent at it, you’ll need to add knowledge of assembly language to your skill set.
Lenny is going to be teaching his SANS malware analysis course in New York this month and there are seats still available. COINS-LZ is a discount code that will reduce the cost of the class by ten percent.
Lenny is also in the market for a security architect to come to work for him. If you are interested in a great job in the NYC metro area, this is a fantastic opportunity.