We are well aware that the Quant research can be overwhelming. 70+ pages of process, metrics, and survey data is a lot to get through. So we have broken the Malware Analysis Quant project up into two phases. The first phase focuses on defining and describing the underlying process. In the second phase we get into metrics and run the survey to figure out who is actually doing which aspects of the process. In the end we will still produce the big paper in all its glory. But we figured an interim deliverable at the end of Phase 1 would make a lot of sense. So that’s what we have done.
Download paper: Malware Analysis Quant: Phase 1 – The Process (PDF)
You will see that we have updated the process map once again to account for the fact that some organizations find infected devices and just remediate them. They don’t analyze the malware, or even see whether other devices have been infected. We don’t get it either, but it happens, so we need to reflect the possibility in the process map.
Again, we want to thank Sourcefire for sponsoring this Quant project.