Wednesday 30-October-2019 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 St. Patrick Street, Toronto
Speakers: Laura Harris and Yagneshwaran Prabagaran
Topic: The Mechanics of Malware’s Darkside
This presentation will introduce the basic steps of carrying out static and dynamic analysis on malware using disassemblers, debuggers, and other tools. Diving into the dark waters of dissecting malware will allow the audience to understand how to disassemble malware, identify key strings and processes, and track the behavioral triggers once the sample is placed in a sandbox. It also highlights the limitations of static analysis and hints at the next phases of analyzing obfuscated malware. The audience will be able to develop basic SNORT and YARA rules based on the information shared.
Speaker: Anton Ovrutsky
Topic: Beyond Logs: Why it’s an Exciting Time to be a Defender
The talk will provide a high-level overview of some newer and perhaps overlooked defensive security tooling that has recently been released. Splunk/Elastic SIEM, Sysmon, KAPE, Moloch and BloodHound will be some of the tooling covered. The talk will give an overview of what these tools do and how defenders can quickly extract defensive value from them.
This month’s TASK is sponsored by Micro Focus
Micro Focus helps you run your business and transform it. Our software provides the critical tools you need to build, operate, secure, and analyze your enterprise in a constantly changing world. Right now, that means powering your digital transformation with solutions spanning four key areas:
- Enterprise DevOps — Build and deliver better software faster.
- Hybrid IT Management — Operate with agility.
- Security, Risk, and Governance — Secure what matters most.
- Predictive Analytics — Analyze in time to act.
By design, these solutions bridge the gap between existing and emerging technologies—which means you can innovate faster, with less risk, in the race to digital transformation.