Malware Analysis: The Danger of Connecting the Dots

“The findings and conclusions of malware ‘analysis’ are not in fact analysis; they are, however, a collection of data points linked together by assumptions whose validity and credibility have not been evaluated. This lack of analytic methodology could prove exceedingly problematic for those charged with making decisions about cyber security. If you cannot trust your analysis, how are you supposed to make sound cyber security decisions?”

Source: OODA Loop – Malware Analysis: The Danger of Connecting the Dots