At Intezer, information sharing is a key component of our makeup and is reflected in our technology. In the spirit of industry collaboration, and with the intent of bringing the research community closer together, we recently sat down with nine well-known researchers from across the world to hear about some of the more interesting malware and campaigns they have investigated, their advice for aspiring researchers, and what they would like to see from the security community at large to continue to advance the industry.
Here are some of the key takeaways:
• A common theme among the researchers is the importance of information sharing. They would like to have more industry collaborations across companies, and fewer ego battles.
• A willingness to learn, creativity, and perseverance are some of the words used in the interviews to describe the traits needed to become an effective researcher.
• Researchers must weigh the benefits and consequences when deciding whether to disclose their research publicly. Some researchers err on the side of caution, while others believe the benefits outweigh the cons. In one instance, a researcher published two vulnerabilities found in a popular IP security camera. The publication was read by hackers, who used the vulnerabilities and exploits to create a large botnet. Another researcher argues that not adhering to responsible disclosure leads to safety and security implications.
To download the report, please click here.
We want to thank the researchers who participated in this project. The interviewees, in alphabetical order, are: Yaniv Balmas (security research group manager, Check Point Software Technologies), Christiaan Beek (lead scientist and senior principal engineer, McAfee), Ari Eitan (VP research, Intezer), Vitali Kremez (director of research, Flashpoint), Kenzo Masamoto (director of security research center, Macnica Networks Corporation), Costin Raiu (director, global research and analysis team, Kaspersky Lab), Florian Roth (CTO, Nextron Systems), Masatoshi Sato (director, national security laboratory, LAC Co., Ltd.), and Amit Serper (head of security research, Nocturnus group at Cybereason).
Intezer introduces a Genetic Malware Analysis approach, offering enterprises unparalleled and accelerated incident response.
Intezer provides a fast, in-depth understanding of any file by mapping its code DNA at the ‘gene’ level — offering the most advanced level of malware analysis. By identifying the origins of every piece of code, Intezer is able to detect code reuse from known malware, as well as code that was seen in trusted applications.