What is included in 'malware analysis'?

Malware analysis is fundamentally concerned with understanding the nature and behavior of malicious software. It involves studying how malware functions, what systems it targets, and the impact it can have on those systems. This process typically includes examining the code of the malware, analyzing its effects on operating system processes, network behavior, and how it propagates. By performing such analyses, cybersecurity professionals can gain insights into the tactics employed by attackers and develop better defenses against future threats.

While the removal of malware, development of antidotes, and classification of malware are important aspects of cybersecurity, they are not the primary focus of malware analysis itself. Removal pertains to post-infection responses, antidotes relate to mitigation strategies, and classification is more about categorizing malware rather than understanding its inner workings. Thus, the study of malware to understand its behavior and impact is the key component of malware analysis.