Case Barnes

Practice Manager, Enterprise Incident Management and Response

Case Barnes is a manager of Optiv’s enterprise incident management practice, where he provides clients with tactical solutions to mitigate the consequences of malicious code execution and the actions of internal and external threat actors.

Maturing IR Capabilities into an Incident Management Program – Part 2 of 3

· By Jenn Black, Jeff Wichman, Case Barnes, Erik Schmidt, Curtis Fechner ·

The capability to respond effectively to cyber incidents is one of the most critical components of an enterprise security program. However, many companies still lack a solid incident response program (IRP) entirely or don’t take incident response planning seriously enough.


Making IDA ::1 Part Two – Technicolor Listings for the Visually Minded

· By Case Barnes ·

One feature of OllyDbg I love, which I miss when using IDA for viewing disassembly listings and debugging, is Schemes. Schemes in OllyDbg allow the user to assign commands and operands to specific colors. Figure 1 shows OllyDbg using the Jumps’n’calls highlighting Scheme, where calls are highlighted in red and jumps in yellow and blue.


Making IDA ::1 Part One – YARA Signature Creation

· By Case Barnes ·

During the course of a Malware Emergency Response, it is often necessary to create YARA signatures or byte signatures for other tools to help identify files similar to the initial malware executables discovered on hosts across the network. Open source tools such as YARA are routinely used on jobs when customers have a deficiency in commercial tools
