#CiscoLive

Secure Malware Analytics Advanced File Analysis
Malware Execution as a Service

Brian McMahon, TME
BRKSEC-2101

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Webex App

Questions? Use Cisco Webex App to chat with the speaker after the session.

How:
1. Find this session in the Cisco Live Mobile App
2. Click "Join the Discussion"
3. Install the Webex App or go directly to the Webex space
4. Enter messages/questions in the Webex space

Webex spaces will be moderated by the speaker until June 9, 2023.

$ whoami

Brian McMahon
Technical Marketing Engineer (TME), Threat Detection and Response (TD&R)
Team focus: Cisco Secure Endpoint, Malware Analytics, SecureX/XDR
First Cisco job: TAC 1996-1999
Cisco Security Business Group since 2010
CCIE: So old, it no longer exists (#4205 ISP-Dial)
Other experience includes multiple startups and several years as a full-time community college instructor (CIS and Cisco Networking Academy)
First incident response: circa 1993 on a VAXcluster

Agenda

Introduction
File Analysis
Malware Threat Intelligence
Deployment options
Portal Features
API
Conclusion & Resources

Introduction

Secure Malware Analytics Overview

Threat Intelligence: Threat Score, Behavior Indicators, Observables, Analysis Reports
Malware Analysis: Automated Analysis, Static, Dynamic, Global Correlation

Malware Analysis / Threat Intelligence
An automated engine observes, deconstructs, and analyzes using multiple techniques