In Part 1 of this blog series, we covered a (somewhat) brief introduction to malware analysis. We learned how malware analysis is performed in general and the various types of analysis: triage, dynamic, and static analysis.

Offense Informs Defense

It's all well and good that there are so many niches and disciplines that tie into malware analysis, but what is the overall goal? Have you ever heard of the phrase "offense informs defense"? The idea is that interactions with real cyber attackers (be they vulnerability scans and vulnerability management, penetration tests, adversary emulations, red/blue team joint operations, or actual security incidents) all result in lessons being learned. By looking at what weakness attackers leveraged to gain access, we can learn how they were able to perform these actions. Malware analysis is another tiny piece of this puzzle.