BSidesLV 2017 has ended
Tuesday, July 25 • 19:30 - 19:55
YARA-as-a-Service (YaaS): Real-Time Serverless Malware Detection

This will be the official public launch of BinaryAlert, a newly developed open-source serverless AWS pipeline where any file uploaded to an S3 bucket is immediately scanned with a configurable set of YARA rules. An alert will fire as soon as any match is found, giving an incident response team the ability to quickly contain the threat before it spreads.

The serverless design leads to strong security, automatic scalability, and very low cost. The YARA ruleset can be updated at any time, triggering a re-analysis of the entire bucket and alerting if any new matches are found. BinaryAlert is fully managed with Terraform configuration files and can be deployed in minutes with a single command.

This talk will review the flexibility and popularity of YARA rules, explain the BinaryAlert architecture and demo a deployment followed by a triggered alert (starting from only an empty AWS account).

Austin Byers

Software Engineer | CSIRT, Airbnb
I joined Airbnb in 2016 as a software engineer on the security team. Since then, I've been working on Airbnb's encryption services and incident response tools, including Cipher and the open-source StreamAlert project, respectively. Prior to my professional work, I was the University...

Tuesday July 25, 2017 19:30 - 19:55 PDT
Breaking Ground (Florentine A) 255 E Flamingo Rd, Las Vegas, NV 89169