AVIEN Malware Defense Guide for the Enterprise
About this ebook
AVIEN’s sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature.
* “Customer Power” takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist.
* “Stalkers on Your Desktop” considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today.
* “A Tangled Web” discusses threats and countermeasures in the context of the World Wide Web.
* “Big Bad Bots” tackles bots and botnets, arguably Public Cyber-Enemy Number One.
* “Crème de la CyberCrime” takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots.
* “Defense in Depth” takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies.
* “Perilous Outsorcery” offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it.
* “Education in Education” offers some insights into user education from an educationalist’s perspective, and looks at various aspects of security in schools and other educational establishments.
* “DIY Malware Analysis” is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools.
* “Antivirus Evaluation & Testing” continues the D-I-Y theme, discussing at length some of the thorny issues around the evaluation and testing of antimalware software.
* “AVIEN & AVIEWS: the Future” looks at future developments in AVIEN and AVIEWS.
Ratings and reviews
- Flag inappropriate
About the author
David Harley has been researching and writing about malicious software and other security issues since the end of the 1980s. From 2001 to 2006 he worked in the UK's National Health Service as a National Infrastructure Security Manager, where he specialized in the management of malicious software and all forms of email abuse, as well as running the Threat Assessment Centre, and has worked since as an independent author and consultant for Small Blue-Green World. He joined ESET's Research team in January 2008. He was co-author of Viruses Revealed (McGraw-Hill) and lead author and technical editor of The AVIEN Malware Defense Guide for the Enterprise (Syngress), as well as a contributor to Botnets: the Killer Web App (Syngress). He has contributed chapters to many other books on security and education for publishers such as Wiley, Pearson and Vieweg, as well as a multitude of specialist articles and conference papers. In his copious free time he is Chief Operations Officer for AVIEN (the Anti-Virus Information Exchange Network) and administers the MAC Virus web site.
Robert S. Vibert is the administrator and CDO of the Anti-Virus Information Exchange Network (AVIEN), the growing network of Security Professionals working in organizations with 1500 or more PCs who discuss Anti-Virus topics and keep each other informed about upcoming malware threats. He also acts as senior advisor to the administrator of AVIEWS (Anti-Virus Information & Early Warning System), AVIEN’s sister organization, which brings together security specialists and researchers at both vendor and customer organizations. Robert has worked for more than 25 years as a consultant, mentoring and helping companies and individuals get the most out of their resources. Author of five books and more than 200 articles on management, computer security and operations, Robert has also worked as a senior consultant for a major international consulting firm, is regularly interviewed by the media for his expert insights on computer security, and serves as an adviser to Canadian government departments. Currently, he acts as a mentor to several entrepreneurs and is developing the Missing Link series of books, workbooks, CDs and DVDs to provide practical information and processes to get the success you want in life in the areas of finance, relationships, emotional health, career and personal development.
Ken Bechtel has been involved in corporate malware defense since 1988. His work history includes working in the Virus Lab at NCSA (later ICSA), performing virus analysis and Antivirus Product Certifications, as well as user education. He has worked and consulted for all levels of business, from small businesses to Fortune 500 companies. He is the author of several papers published by SecurityFocus, Virus Bulletin, and several other trade magazines. He has appeared 26 times on local and national news for interviews concerning various malicious code threats. Ken is a Founding Member and Adjunct Administrator of the Anti-Virus Information Exchange Network (AVIEN), member of Association Anti-Virus Asian Researchers (AAVAR), WildList Reporter since 1998, Founder of Team Anti-Virus, and member of several unofficial associations. Several of his papers and articles have been printed in Security Focus, Virus Bulletin, and several other trade magazines. His biggest literary contribution so far has been the "Handbook of Corporate Malware Protection."
Michael P. Blanchard, CISSP, GCIH (gold), CCSA-NGX and MCSE, has been an IT professional for over 16 years, and is currently a member of AVIEN. His current major duties include Malware analysis / protection and assessment, vulnerability analysis and assessment, and other daily activities. Apart from some in-house training documents, Mike is also the author of the definitive whitepaper on the FunLove virus that he wrote to achieve his SANS GCIH gold certification (#350) in 2002, at www.giac.org/certified_professionals/practicals/GCIH/0350.php. Mike takes pride in his current professional role serving in the CIO’s Office of Information Security and Risk Management as the Senior Antivirus Security Engineer overseeing the malware protection on a global scale at EMC2 Corporation in Westborough, MA, a role that he’s had since 1999.
Andrew Lee CISSP is Chief Research Officer of ESET LLC. He was a founding member of the Anti-Virus Information Exchange Network (AVIEN) and its sister group AVIEWS (AVIEN Information & Early Warning System), is a member of AVAR and a reporter for the WildList organisation. He was previously at the sharp end of malware defense as a systems administrator in a large government organisation. Andrew is author of numerous articles on malware issues, and is a frequent speaker at conferences and events including ISC2 Seminars, AVAR, Virus Bulletin and EICAR.
Igor Muttik PhD is a senior architect with McAfee AvertTM. He started researching computer malware in 1980s when anti-virus industry was in its infancy. He is based in the UK and worked as a virus researcher for Dr. Solomon’s Software where he later headed the anti-virus research team. Since 1998 he has run Avert Research in EMEA and switched to his architectural role in 2002. Igor is a key contributor to the core security technology at McAfee. He takes particular interest in new emerging malware techniques, and in the design of security software and hardware appliances. Igor holds a PhD degree in physics and mathematics from Moscow University. He is a regular speaker at major international security conferences and a member of the Computer Antivirus Research Organization.
Bojan Zdrnja GCIA, CISSP, RHCE is Security Implementation Specialist at the University of Auckland, New Zealand. He previously worked as a security consultant and security team leader at the Faculty of Electrical Engineering and Computing, University of Zagreb, as part of a commercial team working on external projects. He was also a member of several Incident Response Teams for the Croatian CERT. He is a handler for the Internet Storm Center (ISC) and is also on the SANS Advisory Board and one of the GIAC Gold Advisors. Specialized areas of interest include analyzing malware, forensic analysis, incident handling. His publications include a security column for a Croatian computer magazine, the book What Are Computer Viruses? (Syspring), and diaries for the Internet Storm Center.
