About the Sana Labs team


August 08, 2006

Sana Security is hiring!

We have three job openings. We are looking for two malware researchers, who should:

• Analyze suspicious code for signs of malware, viruses, and exploits
• Identify and research new attack techniques
• Research product improvements to help detect and eliminate security threats

Skills required:
• Hands-on experience identifying malicious Windows code
• Reverse engineering Windows executables
• Working knowledge of exploitation tools and techniques
• Experience with Win32 packing and unpacking technologies
• Understanding of x86 assembly language, C/C++, Java, and scripting languages such as Perl


We are also looking for a software engineer to join our team. This developer will be in charge of the development and maintenance of the backend infrastructure used here at Sana Security. This position is fast-paced and plays a key role in the success of the company.

• Plan and manage the development of mission-critical internal applications
• Develop applications for automation and reporting of security-related information
• Work with the product team to coordinate new features into the back end system

Skills required:

• Strong server application development skills
• Professional experience developing and maintaining database-driven Java, J2EE, and Perl applications
• Experience planning and developing database schemas
• Experience working with Linux, Apache, MySQL

Please contact Jeremy Pickett

Posted by matt at 10:35 AM | Comments (0)

Two talks for the price of one!

I gave two talks at the Vanguard Security Expo in San Diego. Get the slides by clicking the links.

Resilient Infrastructure for Network Security

This covers a model that I originally wrote about in a paper in the Complexity journal (available here). I have updated the model somewhat in these slides. The talk argues that traditional security models (consisting of prevention, detection and response) fail in the face of very fast attacks (e.g. worms) or very slow ones (information-stealing malware). The slides discuss possible technologies that can augment prevention, detection and response to give better performance on fast and slow attacks.

Combining Endpoint and Network Defenses

This looks at the properties of common malware defenses on the network and the endpoint, and at how they stack up when implemented in different places, to make sure that adding defenses in both the network and the endpoint results in better security.

Posted by matt at 10:16 AM | Comments (0)