SuriCon2024 Malware Analysis for Threat Detection [PRE-CONFERENCE TRAINING]

Delivered by Suricata community members and OISF's former Director of Training, Dr. Josh Stroschein, this 2-day advanced user training is held the same week as SuriCon2024 - join us for both and receive a 20% discount on this training!

Threat actors use sophisticated techniques to deliver malware and evade detection, thwarting even the latest in defensive security technology. In this course, Malware Analysis for Threat Detection, you'll learn how to use malware analysis and crowdsourced intelligence to create custom detections utilizing Yara, Suricata and Sigma as a foundation. These signatures can be used to enhance security products, detect and prevent emerging threats, and improve threat hunting and malware identification. This is a fast-paced course that will help you in mastering static and behavioral-based detections to protect your organization. By the end of this course you will have the knowledge to apply malware analysis to create quality detection rules for malware and its associated activity.

How to receive your discount:

1. Purchase your ticket for SuriCon2024 by visiting https://suricon2024-madrid.eventbrite.com.
2. Email us at [email protected] and let us know your intention to attend both events.
3. We'll provide a single-use discount link to register for the training.

MORE INFORMATION:

In today's threat landscape, it is more important than ever for security teams to be able to identify and respond to malicious attacks. Threat actors use sophisticated techniques to bypass enterprise security to avoid detection and maintain persistence to compromise an organization. For a security team, identifying this activity through different detections is paramount in disrupting these attacks and limiting the damage when a compromise occurs. In this course, Malware Analysis for Threat Detection, you will learn how to use malware analysis and reverse engineering to master the creation of custom rules. This course will provide students with the hands-on experience to look at malware through the eyes of a detection engineer, utilizing open-source technology such as Yara, Suricata and Sigma to learn strategies for making effective file, network and host-based rules. These rules can be utilized in a wide number of security products to increase organizational security. By the end of this course, you will be able to use malware analysis to create custom detections that can be used to protect your organization from malicious attacks.

Threat intelligence advisories can be a valuable resource for detection engineers, but they often provide limited information. Creating or updating signatures can become even more difficult if the malware used was targeting your organization, which often leaves little open-source reporting to aid in your investigation. In order to create effective rules, it is necessary to conduct focused malware analysis. This is a fast-paced course designed to take you deep into the methods of creating custom signatures. Each module will contain interactive, hands-on demonstrations and immersive labs to test and reaffirm key learning objectives. This course will teach you how to use the results of malware analysis to create custom rules for your organization's security needs. This is an ideal course for security analysts, malware analysts/researchers and blue teams that need to get hands-on diving deep into malicious software to create more effective detections.

Pre-requisites: This is an intermediate to advanced level course. Students should have the following knowledge to get the most out of this training:

• Being able to import and run a VM (minimum 2CPU / 5GB RAM) on your laptop
• Basic experience with installing, compiling, configuring and running Suricata is a must
• Hands on Linux command line
• TCP/IP networking

Refund Policy for SuriCon2024 (Trainings and Conference)

We value your commitment to SuriCon. However, we understand that plans can change, and we aim to be as accommodating as possible within our operational constraints. Please see our refund and credit policy below.

• Refunds: Refunds are not available except in specific circumstances. We will issue refunds only if we need to cancel a training due to low enrollment or events beyond our control, such as catastrophic world events (e.g., natural disasters, global health emergencies).
• Cancellations by Participants: If you need to cancel your ticket, please notify us at least by November 1, 2024. While refunds are not available for cancellations, we are pleased to offer a credit towards a ticket for SuriCon2025 conference or training (which ever is applicable). This advance notice helps to ensure OISF does not incur unnecessary expenditures.
• Credit Details: Credits for future training are subject to availability and will cover the full cost of your original ticket and can be transferred to another individual if you are unable to attend.
• Exceptions: In cases of personal emergency or health issues, please contact us to discuss potential accommodations, which may include exceptions to our standard policy.

Please note, all net proceeds from SuriCon2024 and all related training events directly fund the development of Suricata and support OISF's mission.

Contact: For queries, feel free to reach out at [email protected] or visit https://suricon.net.

Host or Publisher OISF