Loading…
Back To Schedule
Sunday, November 22 • 09:00 - 17:00
YARA RULES ON STEROIDS

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Whenever we want to proactively hunt for malware of interest for threat intelligence purposes, YARA is the swiss-army knife that makes the work of malware researchers and threat intelligence Researchers easier. Malware developers work just like legitimate software developers, aiming to reduce the time wasted on repetitive tasks wherever possible. That means they create and reuse code across their malware. This has a pay-off for malware hunters we can learn how to create search rules to detect this kind of code reuse, Traditional Yara rules are written on strings, but if we implement code leveraging YARA code reuse rules in addition to the strings rule the rule will last decades. for successful and long-term hits, we have to combine both string-based and code-based coverage. Meanwhile, we can leverage that for finding future malwares from the same authors using their digital code fingerprintsAdd individual feedback





Speakers
avatar for Saurabh  Chaudhary

Saurabh Chaudhary

Security Researcher
Saurabh Chaudhary is a self-motivated Technology enthusiast and a published researcher with several independent research papers in the information security domain specifically in malware and ransomwareHe is a passionate InfoSec enthusiast and tech enthusiast, he is one of the leaders... Read More →


Sunday November 22, 2020 09:00 - 17:00 WIB