Temple University

Week 9: Reading summaries, Question, and News of the Week…

Zeltser, L. (2014). “Ouch! What Is Malware,” The Monthly Security Newsletter for Computer Users, The SANS Institute. This reading provides a short, high-level overview of malware, its sources, and ways to protect against it.

Hardikar, A. (2008). “Malware 101 – Viruses,” Information Security Reading Room, SANS Institute. The paper provides an excellent introduction to malware, complementary virus classification systems, and SANS’ six-step incident handling process. The technical overview of malware types and the deeper dive offered by the classification systems provide motivation and insight into the nature and objectives of each step of the malware handling process. The article effectively couples the need for organizational security awareness training with the need for an Incident Handling Escalation Matrix.

Question for the class:  What criteria would you use to determine when an organization is justified in having an incident handling team?

News of the Week: Jack Daniel, “SWAMP, the SoftWare Assurance MarketPlace”, September 20, 2015. SWAMP is a free suite of 16 practical and useful software security analysis tools for assessing and testing applications coded in C/C++, Java, Java on Android, Ruby, and Python. SWAMP was developed by an academic research consortium with funding from the U.S. Department of Homeland Security for the broader community of software and software tool developers. SWAMP’s tools are integrated within a centralized, cloud-based software security testing platform of 700 processing cores, 5 TB of RAM, and 104 TB of HDD, and they display their results within an interoperable results viewer to simplify vulnerability analysis and remediation. Work is underway to add support for JavaScript and PHP. http://blog.uncommonsensesecurity.com/2015/09/swamp-software-assurance-marketplace.html
