The number of unique malware has been doubling every year for over two decades. The majority of effort in malware analysis has focused on methods for preventing malware infection. The presenters view the exponential growth of malware as an underutilized source of intelligence. Given that the number of malware authors are not doubling each year the large volume of malware must contain evidence that connects them. The challenge is how to extract the connections.