What the malware detection department at Positive Technologies does, and how it works

Hello, Habr! My name is Alexey Vishnyakov. I am the head of the malware detection department at PT Expert Security Center. In one of our previous articles, we wrote about what DevOps engineers do in our company; today I will tell you what my department is doing and which technical problems we have to solve, share my own experience, and outline the competencies you need in order to join our team.
The beginning of time

Six months ago, our company did not have a malware detection department at all, and my team was formed, as they say, from scratch. While developing the PT Sandbox sandbox, it became necessary to back our R&D with expertise about malware: which types of malware exist and what level of threat they pose, which techniques cybercriminals use, and which methods exist to detect them. The information security threat research department had such knowledge, so part of that team reoriented itself to tasks related to transferring this expertise into the sandbox. Time showed that we still needed an independent department to fully support the new product. The opportunities and the people were there: by that time we had new blood, interns and trainees. And we realized that everything was ready for the formation of a new unit within the Positive Technologies expert security center.
Today, the malware detection department is responsible for the expert component of Positive Technologies' products. For example, we write static and dynamic rules for detecting malicious code that ship with PT Sandbox, generate and supply indicators of compromise for other Positive Technologies solutions, and provide expert support services for the products, including malware analysis, retrospective event analysis, and much more. There are seven people in my team, some of whom are students. I note that they combine work with study very well and show good results in the company.
Work that makes sense

โ€” , , . , , . ยซยป , - , . โ€” . , .





, , , . : , , .





: , , . , .





โ€” .





,

,





, , : , . , .





: , , , , .





, (, :)โ€‹), , , .





:





  • , Windows, Linux, macOS, Android and iOS.





, , .





  • .





  • ( !).





- , โ€” , .





, . , , , , , : , , . , : , , , .





โ€” . , , . PT Expert Security Center? .





: , , , . โ€” .





: , , รณ . , Positive Technologies , .





***





Positive Technologies ? .