Educause Security Discussion mailing list archives

Malware forensics

From: "Nevin, David" <Dave.Nevin () OREGONSTATE EDU>
Date: Fri, 18 Nov 2011 10:07:36 -0800

We're currently reevaluating how we perform Malware forensics here and wanted to see what others were doing. Are you 
doing it in-house or outsourcing?

If in-house, do you have dedicated staff for this, or is this tasked distributed? How do you keep people current—do you 
have a preferred vendor for training?

If you outsource, do you use a major vendor such as one of the big consulting firms, or do you prefer a local 
specialist? How has this worked for you?

Or have you implemented a blended solution, where certain cases are handled in-house and others referred to a vendor?

Thanks all, and happy Friday,

Dave

--
Dave Nevin, IT Manager
Technology Support Services/Information Services
Oregon State University
Corvallis, OR

Current thread:

Re: Deepfreeze - Why not?, (continued)
- - Re: Deepfreeze - Why not? Mclaughlin, Kevin (mclaugkl) (Nov 17)
    - Re: Deepfreeze - Why not? Michael Sana (Nov 17)
    - Re: Deepfreeze - Why not? Schoenefeld, Keith P. (Nov 17)
    - Re: Deepfreeze - Why not? Ryan Hiebert (Nov 17)
    - Re: Deepfreeze - Why not? Dave Koontz (Nov 17)
- Re: Deepfreeze - Why not? SCHALIP, MICHAEL (Nov 17)
  - Re: Deepfreeze - Why not? Rich Graves (Nov 17)
    - Re: Deepfreeze - Why not? Mclaughlin, Kevin (mclaugkl) (Nov 17)
    - Re: Deepfreeze - Why not? Tim Doty (Nov 18)
  - Re: Deepfreeze - Why not? Heath Barnhart (Nov 18)
    - Malware forensics Nevin, David (Nov 18)
    - Re: Malware forensics Mclaughlin, Kevin (mclaugkl) (Nov 18)
    - Re: Malware forensics Brian J Smith-Sweeney (Nov 20)
    - Re: Malware forensics Nevin, David (Nov 28)
  - Re: Deepfreeze - Why not? Kevin Kelly (Nov 18)
    - Re: Deepfreeze - Why not? Mclaughlin, Kevin (mclaugkl) (Nov 18)