Page 8 - index
P. 8
SHOULD YOU BUILD OR BUY YOUR MALWARE ANALYSIS
PLATFORM?
Introduction to classic problem should I build myself or buy off-the-shelf?"
by Michael Rosen
This is the classic question found in nearly every industry and across all technological eras. It extends
equally to both the physical and virtual worlds and involves multifactor trade-offs that necessarily
include imperfect information, plus highly subjective value judgments concerning the relative
weightings of the various decision factors.
As an IT professional who is responsible for thoroughly analyzing malware and understanding its many
harmful effects upon an organization’s networks, systems and data, you are uniquely tuned the
challenges of finding solutions that meet the needs of the changing front landscape. Whether you
ultimately elect to build your own custom malware analysis testbed or purchase a commercial solution,
you must understand the full impact of your decision, including possible unintended consequences or
ripple effects.
Most of all, you must be prepared to live with the consequences of your decision and be ready to
defend it against critics for a substantial period of time. After all, your credibility is on the line!
DO YOU NEED A TOOL OR A FINISHED PRODUCT?
“What am I going to use the solution for?”
Before you build or buy something, ask yourself what you plan to do with it and how you plan to utilize
it? Understand your needs and your goals.
Do you have enough time and the right skills necessary to build a custom solution that is roughly
commensurate with equivalent commercial products already on the market?
Even if you could, what are the opportunity costs you would forego by expending resources towards
building a custom malware analysis testbed?
And finally, be sure to ask “What can go wrong?”
KNOW WHAT YOU ARE DOING AND WHY
Approach to Analyzing Malware
Your approach to analyzing malware is perhaps the single most important factor to understand before
making your build-buy decision. The approach you take drives your usage of any given solution, which
in turn determines your needs.
Which statement best fits your approach to analyzing malware within your organization?
8 Cyber Warnings E-Magazine – August 2013 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
