Focus on Your Malware, Not Infrastructure!

Omri Segev Moyal

Track 2

Serverless technology has been on the rise for the past few years, and it doesn’t look like it’s going to stop. While developers are moving to utilize serverless technology, it seems that security researchers are left behind. Instead of leading in innovation, we are fighting patches and scaling issues. In this talk, we will introduce how serverless can serve researchers in their tasks, learn what the pros and cons are, and explore a complete serverless project, MalScanBot, as our case study.

Malware analysis is one of the most exciting yet daunting tasks in the security research world. A typical researcher spends countless hours and sometimes days dissecting malware and exploits. To keep up the pace (and sanity), many automation tools have been built to help with different kinds of tasks. Usage of such tools brings a massive problem of maintaining working and secure infrastructure, an infrastructure often operated in very hostile environments. This problem causes researchers to spend too much of their time and resources on the infrastructure instead of spending it on their target goal. In this talk, we will learn how every malware analyst can start rapidly using serverless technology to make their life easier. We will dive into a serverless open source project called MalScanBot, and learn how it was built and how it can be used as a template for many other interesting projects. Because as a researcher you should always Focus on your malware, Not Infrastructure.

About Omri Segev Moyal

Born with a curiosity for learning how things work and a passion for assessing and dissecting them. Malware Researcher and Threat Intelligence expert with global experience in military, industrial, intelligence, communication and financial organizations. Expertise as a testing provider of advanced malware solutions in both laboratory and enterprise production environments.