CONFidence 2022: DRAKVUF Sandbox: Open source, self-hosted malware.. - Michał Leszczyński, Adam Kliś

youtube.com, 1 year ago


DRAKVUF Sandbox - Open source, self-hosted malware sandbox in hypervisor

Please don’t be frightened if you don’t know what “sandboxes” are for. The presentation will introduce all the basic information and will feature some funny demos :) DRAKVUF Sandbox is a self-hosted, open source dynamic malware analysis system that uses cutting-edge monitoring techniques. Currently, it is the only open, actively developed system that uses the method of virtual machine introspection (VMI). With this technology, it is possible to analyse malware designed to evade regular sandboxes, and to monitor in more depth the actions taken by the sample in the system. During the talk, we will briefly introduce DRAKVUF's ecosystem and explain what Virtual Machine Introspection is, how it differs from the regular approach to sandboxing, what the unique challenges are in developing such systems, how analysts can benefit from it, and how to integrate it into your own malware processing pipeline.

Website: https://confidence-conference.org
Facebook: https://www.facebook.com/confidence.conference
Twitter: https://twitter.com/confidenceconf