دوره Kaspersky – Hunt APTs with Yara like a GReAT ninja

Have you ever wondered how Kaspersky’s GReAT experts discovered some of the world’s most famous APT attacks? Now, the answer is within your reach. Our specialists have poured years of experience from the prominent cases they have worked on into our online Threat Hunting with Yara training. Course leader Costin Raiu, a 25 year veteran of the threat hunting industry, will teach you the unconventional ways of working with Yara so that you can find threats of the same magnitude as his team. Specifically designed for self-paced learning, our course is deeply practical and enables you to learn-by-doing, hunting for real threats in our dedicated Virtual Lab. Using world-renowned cases like BlueTraveller, Sofacy & WildNeutron as the basis of the course, Costin shares insights and techniques from his team’s exclusive research on these cases. This knowledge will enhance your career and improve your organisation’s threat defences.

Syllabus

Inception
String based rules
Efficient rules
Taking advantage of Yara modules
Hunting for new samples on VTI
Wildcards
Digital Certificate, imphashes and developer footprints
Malicious Office documents, OLE format
Expert Yara exercises
YarGen, automation and a bit of magic

Hunt APTs with Yara like a GReAT ninja