How to Break into the Malware Analyst Field

Apr. 11th, 2009 10:10 am
foxgrrl: (Default)
[personal profile] foxgrrl
A reader asks:

How can I get a job looking at malware? I worked at a company that was exposed to lots and lots of stuff targeting Chinese dissident groups and got pretty good at analyzing, tracking and spotting it. Do you know anyplace that I could go to do this for a living?
Any input appreciated


I don't have time to write a proper response to this, so perhaps you, the reader, can offer some advice.
  • Current Mood: good
  • Current Location: Oakland, CA
Tags:
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Date: 2009-04-11 07:59 pm (UTC)
From: [identity profile] centauress.livejournal.com
Gosh. If you're willing to move to Irving, I hear Blizzard is still hiring...

Date: 2009-04-11 11:11 pm (UTC)
From: [identity profile] girlvinyl.livejournal.com
Government. Just find a SOC and go work, they're always hiring. This person would need to be able to get a clearance though. Talk to the big contractors [Raython, Bechtel, Nortrop Grumman, etc].

Date: 2009-04-11 11:47 pm (UTC)
From: [identity profile] vega-33.livejournal.com
Thats a damn good question; I've started becoming pretty good at analyzing attacks too. Still haven't figured out a good source for information on ways they gain elevated privileges though. We've seen a bunch of those sporadically on fully patched servers and its quite a puzzla.

Date: 2009-04-12 03:12 am (UTC)
zeeth_kyrah: A glowing white and blue anthropomorphic horse stands before a pink and blue sky. (Default)
From: [personal profile] zeeth_kyrah
That's when you start learning how to ghost drives, run VMs, and compare bits. Decompilers are essential tools at this level.

Date: 2009-04-12 11:12 am (UTC)
From: [identity profile] roadknight.livejournal.com
I'd say keep working on it and either start or continue posting and talking about what you've found and what you know in the appropriate virtual and physical fora and eventually the work will find you.

Date: 2009-04-12 11:55 am (UTC)
From: [identity profile] maradydd.livejournal.com
This. Also, get to know the community. Go to talks about malware at conferences, pay attention, ask questions that help you and others increase their understanding of the field of study. Read conference papers and journal articles; arXiv and citeseer are invaluable for this. Springboard off these papers to do research of your own; start up e-mail correspondences with their authors, as security sees an awful lot of papers from industry people as well as academics. If you live near a university, find out if their computer science or electrical engineering department has an appropriate reading group. If there's one for malware, join it. (Meeting times may be inconvenient for those with a 9-to-5 schedule, but maybe you'll be lucky.) If there's no malware group but there is a security group, join that; suggest papers on malware for discussion. If there's enough interest, spin off a new reading group. If you live in an area that has a hackerspace, join it and find out who else is interested in malware. Join or start a reading/discussion group there, too.

But yeah. Do research, communicate the results of your research effectively, and the work will definitely find you.

(all use of "you" meant generically, [livejournal.com profile] roadknight knows this stuff already.)

Date: 2009-04-12 05:47 pm (UTC)
From: [identity profile] mayamaia.livejournal.com
Off topic, but this is the only way I can contact you... I saw you in a friend's picture from Silicon! He was dressed as Spike.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

foxgrrl: (Default)
foxgrrl

May 2023

S M T W T F S
 123456
78910111213
14151617181920
212223242526 27
28293031   

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Mar. 22nd, 2026 04:47 pm
Powered by Dreamwidth Studios