MALWARE ANALYSIS
AUDIENCE
Security professionals and technically skilled incident responders and analysts
PRE-REQUISITES
- Candidates with an understanding of development, networking, Linux and Windows.
- Each candidate must pass an entrance exam.
LOCATION
- Online
- Face to face (bootcamp)
- Hybrid
- Train-the-Trainer
DESCRIPTION
Understanding the capabilities of malware is critical to your ability to derive threat intelligence, respond to cybersecurity incidents, and fortify enterprise defenses.
This course builds a strong foundation for reverse-engineering malicious software using a variety of system and network monitoring utilities, a disassembler, a debugger, and many other freely available tools.
COURSE OBJECTIVES
After completing this course, you should be able to:
- Build an isolated, controlled laboratory environment for analyzing the code and behavior of malicious programs
- Employ network and system-monitoring tools to examine how malware interacts with the file system, registry, network, and other processes in a Windows environment
- Control relevant aspects of the malicious program's behavior through network traffic interception and code patching to perform effective malware analysis
- Use a disassembler and a debugger to examine the inner workings of malicious Windows executables
- Bypass a variety of packers and other defensive mechanisms designed by malware authors to misdirect, confuse, and otherwise slow down the analyst
- Recognize and understand common assembly-level patterns in malicious code, such as code injection, API hooking, and anti-analysis measures
- Assess the threat associated with malicious documents, such as PDF and Microsoft Office files
- Derive Indicators of Compromise (IOCs) from malicious executables to strengthen incident response and threat intelligence efforts.