How do organizations get malware that needs to be analyzed?
▪ Pre-compromise – Email, web surfing interception, or honeypot collection
▪ Post-compromise - Incident response collection
1. Pre-compromise
(a). Email:- Malware can enter an organization in many ways, and email is one of the easiest. In any organization, formal or informal, email is the medium every employee uses to transfer information, including salary and bank details as well as performance documents and records. This makes it very easy for someone to hack the organization or introduce malware through email. As a result, many organizations have faced severe financial crises, many official details have been leaked, and bank accounts have been hacked. This is a serious problem for any organization today. There are cases where the malware hacked all the servers as well as the payment method of the organization. Because of this risk, email should be analyzed properly at every stage so that we can protect our valuable data from malicious and unwanted persons, tools, or elements. To reduce that risk we use advanced malware analysis tools, which have the following properties:-
▪ Advanced malware analysis tools analyze any file the tool finds suspicious and block it before it can do any harm.
▪ They also defend against non-email attacks.
▪ They do not depend on the employee's actions.
▪ Detection is automatic.
(b). Web surfing interception:- In today's world, where everything depends on internet surfing, this medium is a very basic way for malware to enter the organization's database and ruin it to the core. Because internet browsing is used so heavily for every kind of task, malware has an unlimited number of doors into the main system and can easily hack the main branches and roots of the whole organization's system. It is necessary to block the malware at the initial stage and protect our data from it. For that, we use web surfing interception analysis tools, which stop the malware in the initial stages and protect our data automatically. These tools are generally known as ANTIVIRUS or ANTISPYWARE programs.
(c). Honeypot collection:- Server honeypots give us deep knowledge of server-side attacks, whereas client honeypots give us deep knowledge and understanding of client-side attacks. With the help of an integrated framework we are able to collect both types of attack threats. Because of these threats, the organization's data, as well as employee and client data, is not safe, but there are malware analysis tools, such as firewalls, that help the organization protect its own data and its clients' data from these kinds of threats and attackers.
2. Post-compromise
(a). Incident response collection:- In this case the malware attacks particular stages of the organization, such as the data system, browser handling, etc. This makes it very difficult to know whether a problem is actually happening, and as a result most of the data is captured by the malware without showing any sign of a threat. It causes stage-by-stage, deep damage to the organization, and the data can easily be recorded by anyone. To analyze that malware we have to install and operate the analysis tool at each stage, so that it can detect the malware automatically at the initial stage, stop the damage, and provide a protection zone against further post-compromise attacks.
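The email collection channel described in 1(a), as an added example that is not part of the original answer: a mail gateway step that pulls attachments out of a message and records the ones to hand to the analysis tools. The extension list, record fields, function names and the test message are assumptions constructed for illustration.

```python
import hashlib
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = {".exe", ".js", ".vbs", ".docm", ".xlsm", ".iso", ".lnk"}  # assumed policy
MAGIC = {b"MZ": "pe-executable", b"PK\x03\x04": "zip-or-ooxml", b"%PDF": "pdf"}
PE_STUB = b"MZ" + b"\x00" * 62            # constructed, inert bytes: header magic only
DOCM_STUB = b"PK\x03\x04" + b"\x00" * 26  # constructed, inert bytes

def sniff(data):
    """Classify by leading bytes, because a filename can be misleading."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def collect_samples(raw):
    """Return one record per attachment that should go to the analysis queue."""
    msg = message_from_bytes(raw, policy=policy.default)
    samples = []
    for part in msg.iter_attachments():  # skips the message body itself
        name = part.get_filename() or "unnamed"
        data = part.get_payload(decode=True) or b""
        kind = sniff(data)
        ext = "." + name.rsplit(".", 1)[1].lower() if "." in name else ""
        if kind == "pe-executable" and ext != ".exe":
            reason = "executable content behind a non-executable name"
        elif ext in RISKY_EXT:
            reason = "risky extension"
        else:
            continue  # nothing suspicious: deliver without queueing
        samples.append({"filename": name, "sender": str(msg["From"]),
                        "sha256": hashlib.sha256(data).hexdigest(),
                        "size": len(data), "kind": kind, "reason": reason})
    return samples

def build_constructed_message():
    """Constructed test mail: one benign note and two attachments to queue."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "billing@example.test", "staff@example.test"
    msg["Subject"] = "Invoice"
    msg.set_content("Please see attached.")
    msg.add_attachment("meeting at 10\n", filename="notes.txt")
    msg.add_attachment(PE_STUB, maintype="application", subtype="octet-stream", filename="invoice.pdf")
    msg.add_attachment(DOCM_STUB, maintype="application", subtype="octet-stream", filename="report.docm")
    return msg.as_bytes()

if __name__ == "__main__":
    for s in collect_samples(build_constructed_message()):
        print(s["filename"], s["kind"], s["reason"], s["sha256"][:16])
```

The SHA-256 in each record lets the analysis side deduplicate samples and match them later against files found during incident response.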