Hi, I'm currently a software developer who is getting into malware analysis and reverse engineering; this is where my passion lies.
One question I have is, what can I do to further develop myself as an analyst? I'm currently working through Practical Malware Analysis and Practical Reverse Engineering. When I'm done with the labs, I'll be moving onto Malware Analysis Cookbook... Soon I'm going to start going and downloading known malware samples to analyze on my lab machine... But of course there is limited "value" (aside from my personal education) in doing this for the market since these are already classified and they already have definitions. So my questions are:
1. Is it necessary for me to be a "good" analyst that I work on all or mostly unclassified malware?
2. How do I do this? I currently have no idea where to obtain "fresh" unanalyzed malware. I'd like to do this both in my own time and eventually for a company as well... But if I could do it independently, I'd love to do that too. Thanks.