-
Jmurray8
at April 01, 2015
Lenny Zeltser – Jon Stewart - Forensic / Malware Analyst's Life & Career (with Dave and Matthew)
• Teacher at SANS and consultant
• Main theme is - The progression/evolution of the complexity in computer forensics
• A drawn out “Bad people magazine” of computer forensics
• Hard to believe this goes on for 1 hour – boring……
-
nbodyk
at April 22, 2015
Video is too long and it drags in some places. The format is like a radio talk show with the two hosts conducting a talk-show-like interview with two experts in malware analysis: Lenny Zeltser and Jon Stewart. Lenny talked about having a background of working with malware analysis for the last 13 years. He also mentioned how at one meeting they had a sidebar and started discussing how to analyze malware. He mentioned there really weren't a lot of tools for malware analysis in the beginning, but over time the tools for forensic analysis have become more sophisticated. That makes sense because malware writers have become more sophisticated with the malware they write because they know people are looking for it and there are tools that, if kept up to date, will stop most malware unless they are zero-day vulnerabilities. He spends some time talking about how the tools he has work better with XP and don't work as well with WIN 7/8, but talks about moving to use WIN 8 because it is the newest O/S. Of course, that will change this summer with the release of WIN 10 and the fact that Microsoft stopped supporting WIN XP when WIN 8 came out. Jon Stewart is more of a software developer/programmer. He talks about the software he has worked on and the process for owning a software company and handling software bugs as they are notified by customers so they can fix them. Processes allow companies to function and handle more customer calls. His focus is on what are the next tools out there for forensic work. He's not a fan of Windows because it's slow, which impacts forensics captures. His interest is in big data tools and the ability of tools to scale to analyze big data. EnCase is not a good tool for large-scale data analysis, so he started Lightbox to develop software that is able to analyze large-scale data forensically.
-
mrgodfrey3
at July 23, 2015
Very long video. Lenny Zeltser is the best malware analyst I have heard of. He is an amazing instructor. The remark about malware authors writing code based on the lowest common denominator (XP). As long as the producers of Operating Systems still write bad programs, then malware will always have a foothold.
-
CCotton10
at April 18, 2016
Lenny Zeltser seems to know a significant amount about malware analysis. Indicates that much of the malware is written to run on Windows XP. I wonder if this is still true? Discusses the tool Capture Bat. Is a big fan. Jon Stewart comes at the discussion from a different perspective.