Introducing a New Construct for Advanced Interactive Volatile Memory Analysis

Tools (716AB) November 3, 2021 1:00 pm - 1:40 pm

Solomon Sonya

Malware continues to advance in sophistication and prevalence. Well-engineered malware can obfuscate itself from the user, the network, and even the operating system running host-based security applications. One place malware cannot easily hide itself is within volatile computer memory (RAM). Although memory analysis is an essential part of detection engineering and exploit development, it is not trivial to master. Additionally, inefficiencies exist within the current approach to conducting memory analysis, resulting in greater consumption of resources while reducing analysis accuracy. This talk solves this problem by releasing a new construct for memory analysis along with a new tool to provide advanced memory analysis, correlation, user interaction, and plugin aggregation to enhance analysis, increase accuracy, and completely automate the process for you.