Investigation: Conduct Malware Analysis

Document created by RSA Information Design and Development on Jun 26, 2017Last modified by RSA Information Design and Development on Jul 28, 2017
Version 2Show Document
  • View in full screen mode
  

Analysts can use the RSA Security Analytics Malware Analysis service to detect malware.

Once you initiate a Malware Analysis investigation, there is no specific order in which to conduct the investigation. Instead, Security Analytics offers various methods of displaying the data, filtering the data, querying the data, acting on a drill point, and inspecting specific events. This topic provides information and procedures for analysts who are using the RSA Security Analytics Malware Analysis service to detect malware in selected data and files.

Analysts who conduct analyses using Security Analytics Malware Analysis need to have the appropriate system roles and permissions set up for their user accounts. See Roles and Permissions for Analysts in the Malware Analysis Configuration Guide.An administrator must configure roles and permissions.

This document groups investigation tasks according to high-level functions of an Investigation:

Previous Topic:Reconstruct an Event
You are here
Table of Contents > Conduct Malware Analysis

Attachments

    Outcomes