length: 00:25:17

Lenny Zeltser background: developer, admin, network – all intersect in security

Then got involved in malware because of interest in malware analysis

Sample sharing: AV community  - closed world – get sample if you know somebody

Nowadays close malware sample sharing is contradiction

Anybody can gather sample

Things that changes for the better:

-          Behavioral signature

-          Company protect their servers more

Things that got worse:

Biggest challenge how to protect the client

End point: anything that has data.

And if the data is valuable – it will become target

Problem with malware naming: high volume & cross pollination

Another challenge:

-          Generic malware identification

-          Difficulty for forensic – need specific information

Most AV company prefer to eradicate malware – make generic detection  – but sometime specific information is needed for legal forensic analysis.

The need of malware writer to go to prison is never so high as now.

When you bring business acumen to malware – that is not good for the good guys

Social engineering: the easiest way to steal someone identity is to ask for it (Jim Walter)

COMMONSENSE is the best AV