
Punking BoratRAT: from Analysis to Detection Engineering in a Day

Whenever new malware shows up, threat hunters and network defenders should be asking themselves: “Would we detect this in our enterprise environment?” In this webinar, we’ll take a practical example from a recently published malware analysis report on BoratRAT and walk through the process that Binary Defense threat hunters took to build a threat emulation using the SCYTHE platform. Rather than guess what it would look like if the malware ran, we’ll show how to run the SCYTHE threat to test your detection logic and find any gaps in your defenses.

Join Binary Defense Vice President of Threat Hunting and Counterintelligence, Randy Pargman, and SCYTHE Chief Technology Officer, Jorge Orchilles, during this webinar, where they will cover the following topics:

  • What a successful malware execution looks like
  • Ways to efficiently and reliably test your environment
  • Processes to have in place to increase your security
  • How and where to detect threats

About the Presenter

Randy Pargman & Jorge Orchilles

Randy Pargman

Randy Pargman is the Senior Director of Threat Hunting and Counterintelligence at Binary Defense. In this role, he leads the teams responsible for advanced analysis of malware, development of technology to detect threat actor activity, threat intelligence research of criminal forums, and monitoring of Darknet, Clearnet and Social Media platforms for threat indicators. Randy previously worked for the FBI, where he served for 15 years, most recently as a Senior Computer Scientist on the Cyber Task Force in Seattle.

Jorge Orchilles

Jorge Orchilles is the Chief Technology Officer of SCYTHE and co-creator of the C2 Matrix project and author of the Purple Team Exercise Framework. He is a SANS Certified Instructor and the author of Security 564: Red Team Exercises and Adversary Emulation. He was a founding member of MITRE Engenuity Center of Threat-Informed Defense. He is a Fellow at the Information Systems Security Association (ISSA) and National Security Institute. Prior, Jorge led the offensive security team at Citi for over 10 years.