homepage
Open menu
Contact Sales

Anuj Soni

Anuj Soni is a Principal Reverse Engineer at United Healthcare, where he specializes in malware research and analysis. With over 15 years of experience in malware analysis and incident response, Anuj brings a wealth of knowledge and problem-solving skills to his role as a SANS Instructor and author. His passion for teaching allows him to share his deep technical expertise and practical insights with students worldwide. Anuj is the author of FOR710: Reverse-Engineering Malware: Advanced Code Analysis and co-author of FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques.

More About Anuj
Specialties
Headshot of Anuj Soni

Profile

Anuj Soni initially pursued a career fighting cybercrime for the thrill of the hunt. "The rush of tracking bad guys and gals, uncovering their tools, and understanding their motives is just way too fun," he says. "I simply can't get enough of it."

"Tools come and go, but if you develop a process that works for you and are patient with yourself, creativity will flow," he says. "Automate what can be automated and enjoy working through the hard stuff" - that is, the actual analysis.
Since entering the information security field in 2005, Anuj has performed numerous intrusion investigations to help government and commercial clients mitigate attacks against the enterprise. His malware hunting and technical analysis skills have resulted in the successful identification, containment, and remediation of multiple threat actor groups. Anuj has analyzed hundreds of malware samples to assess function, purpose, and impact, and his recommendations have improved the security posture of numerous organizations. Anuj excels not only in delivering rigorous forensic analysis, but also in process development, knowledge management, and team leadership to accelerate incident response efforts.

In addition to his work with SANS, he regularly presents at industry events such as BSides conferences and the SANS DFIR Summit. Anuj is also a YouTube noob, but persists in trying to create helpful malware analysis videos for anyone interested in watching.

Anuj holds both a bachelor’s and a master’s degree from Carnegie Mellon University, along with the GIAC Reverse Engineering Malware (GREM) certification. When Anuj is away from his computer, you'll find him working out at the local gym, or with his kids - which is also a workout.

Get to Know Anuj Soni:

  • More than a decade of experience performing forensic, malware, and network analysis
  • Check out Anuj's blog at https://malwology.com/
  • View Anuj's recent interview at the SANS Cyber Defense Initiative event in Washington, DC

Hear Anuj discuss how to perform code analysis with Ghidra:

ADDITIONAL CONTRIBUTIONS BY ANUJ SONI:

WEBCASTS

The State of Malware Analysis: Advice from the Trenches, September 2019


PUBLICATIONS

Malicious Payloads - Hiding Beneath the WAV

An Introduction To Code Analysis With Ghidra


PODCASTS

InSecurity Podcast, The BlackBerry 2020 Threat Report

Anuj's Contributions

Malware_Blogs.png
Blog
Latest Must-Read Malware Analysis Blogs
In this post, we present a selection of recent malware analysis write-ups to highlight individuals' passion for malware analysis
Anuj Soni
Senior Instructor
read more
Blog
SANS FOR610: Reverse-Engineering Malware – Now, with Ghidra
SANS FOR610: Reverse-Engineering Malware now uses Ghidra for static code analysis.
Anuj Soni
Senior Instructor
read more
Blog
Mastering Malware Analysis Skills - The Power of a Capture-the-Flag Tournament
Here at SANS, we've worked hard to deliver a Reverse Engineering Malware course packed with technical knowledge, hands-on exercises, and our insights from years of experience. Just as attackers and their tools continue to evolve, so has this course to arm participants with relevant skills they can...
Anuj Soni
Senior Instructor
read more
Blog
How to Track Your Malware Analysis Findings
Introduction The field of incident response, forensics, and malware analysis is full of thrilling hunts and exciting investigations where you have an opportunity to aggressively pursue the activities of adversaries. While technical acumen certainly supports these efforts, a truly successful...
Anuj Soni
Senior Instructor
read more
Blog
The Importance of Command and Control Analysis for Incident Response
Understanding command and control (a.k.a. C2, CnC or C&C), is critical to effectively detect, analyze, and remediate malware incidents. The phrase "command and control", which has its origins in military terminology, refers to the approach an attacker uses to take command of and exercise control...
Anuj Soni
Senior Instructor
read more