Advanced Malware Hunting & Prevention

During this intensive 5-day course you will gain the cybersecurity knowledge and hands-on skills needed for Advanced Malware Hunting & Prevention.

You'll be able to:

  • Get a high-quality, small-group learning experience: the class size is capped by default.
  • Get the opportunity to interact with our world-renowned Experts.
  • Go through CQURE’s custom lab exercises and practice them after the course.
  • Receive a lifelong certification after completing the course!

Why this course?

This is an international Live Virtual Class where you will share the learning experience with a group of IT pros from around the world without leaving your home or office! The class is taught fully remotely in English by CQURE Cybersecurity Experts. To ensure a high-quality learning experience, the course is limited to 16 participants by default, or is supported by an assistant instructor if the number of delegates exceeds 16. During the course you will go through CQURE's custom lab exercises, interact with our world-renowned Experts and receive a lifelong certification after completing the course!

Prerequisites

To participate in the course you need a stable internet connection. For the best learning experience you also need a webcam, headphones and a microphone. You must be able to reach the lab environment over RDP on port 3391, so check before day one that your corporate firewall or proxy does not block that connection. We will set up a secure Zoom classroom for every day of the course and e-mail you the link to join.

Target Audience

The course is ideal for enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals and security consultants.

Module 1: What is Malware

  1. Malware History
  2. Malware Goals
  3. Types of Malware
  4. Advanced Persistent Threats
  5. Indicators of Compromise

Module 2: Introduction to Malware Analysis

  1. Types of malware analysis
  2. Goals of malware analysis
  3. Impact analysis
  4. Containment and mitigation
  5. Incident prevention and response playbooks
  6. Setting up sandbox environment
  7. Cloud-based malware analysis

Module 3: Static Malware Analysis

  1. Executable analysis
  2. Extracting secrets
  3. Determining whether a file is packed or obfuscated
  4. Fingerprinting the malware
  5. Pattern matching using YARA
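
The following Python script is an added example, not CQURE course code, of three steps from this module run together: fingerprinting a sample, deciding from byte entropy whether it looks packed, and running YARA-style string and regex rules over it. The sample bytes, the rule names and the thresholds are all constructed for the illustration.

```python
"""Static triage of a suspicious file (added example, not CQURE course code).

Three checks from the static-analysis workflow: fingerprint the sample,
decide whether it looks packed from its byte entropy, and run
YARA-style string/regex rules over it.  The sample bytes, rule names and
thresholds are all constructed for this illustration.
"""
import hashlib
import math
import re
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Dict, List, Union

WINDOW = 256            # bytes per entropy window
PACKED_THRESHOLD = 7.0  # bits/byte; plain code and text sit well below this


def build_sample() -> bytes:
    """Constructed stand-in for a suspicious PE: a DOS header and stub,
    a few cleartext strings, then a 4 KiB blob that plays the role of a
    packed or encrypted section."""
    header = b"MZ" + b"\x00" * 62 + b"This program cannot be run in DOS mode.\r\n"
    strings = b"\x00http://example.invalid/gate.php\x00cmd.exe /c whoami\x00"
    # (25 + 239*i) mod 256 visits every byte value once per 256 bytes,
    # giving maximal entropy without needing a random source.
    packed = bytes((25 + 239 * i) % 256 for i in range(4096))
    return header + strings + packed


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte; 8.0 means uniformly distributed bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def extract_strings(data: bytes, min_len: int = 6) -> List[str]:
    """Printable-ASCII runs, the classic first look at an unknown binary."""
    return [m.decode("ascii") for m in re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)]


@dataclass
class Rule:
    """Minimal YARA-like rule: named patterns plus a condition over their hits."""
    name: str
    strings: Dict[str, Union[bytes, re.Pattern]]
    condition: Callable[[Dict[str, bool]], bool]

    def match(self, data: bytes) -> bool:
        hits = {}
        for ident, pat in self.strings.items():
            if isinstance(pat, re.Pattern):
                hits[ident] = pat.search(data) is not None
            else:
                hits[ident] = pat in data
        return self.condition(hits)


# Hypothetical rules, written for the constructed sample above.
RULES = [
    Rule("beacon_and_shell",
         {"$url": b"gate.php", "$cmd": re.compile(rb"cmd\.exe /c \w+")},
         lambda h: h["$url"] and h["$cmd"]),
    Rule("powershell_downloader",
         {"$ps": b"powershell", "$dl": re.compile(rb"DownloadString|IEX", re.I)},
         lambda h: any(h.values())),
]


def triage_bytes(data: bytes) -> dict:
    """Fingerprint, packing heuristic, strings and rule matches in one pass."""
    windows = [data[i:i + WINDOW] for i in range(0, len(data), WINDOW)]
    high = sum(1 for w in windows if shannon_entropy(w) > PACKED_THRESHOLD)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "overall_entropy": round(shannon_entropy(data), 3),
        "window_count": len(windows),
        "high_entropy_windows": high,
        # A packed sample is mostly high-entropy; an unpacked one has at
        # most a few such windows (resources, embedded certificates).
        "suspected_packed": high >= len(windows) / 2,
        "strings": extract_strings(data),
        "matched_rules": [r.name for r in RULES if r.match(data)],
    }


if __name__ == "__main__":
    for key, value in triage_bytes(build_sample()).items():
        print(f"{key}: {value}")
```

Windowed entropy is used rather than a single whole-file figure because a packed binary still has a low-entropy stub and headers; counting windows above the threshold separates "mostly packed" from "one compressed resource". The rule class mirrors YARA's shape (named strings plus a condition) so that the same rules can later be ported to real YARA for scanning at scale.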

Module 4: Behavioral Malware Analysis

  1. Malware detonation
  2. Sysinternals suite
  3. Network communication analysis
  4. Monitoring system events
  5. Memory dump analysis
  6. Simulating real environment

Module 5: Malicious non-exe files

  1. Alternative binaries
  2. PowerShell scripts
  3. Office documents
  4. JScript
  5. HTML documents
  6. Living off the land binaries

Module 6: Advanced Techniques used by Malware

  1. Malware persistence methods
  2. Malware stealth techniques
  3. Covert channel communication
  4. Domain Generation Algorithms (DGAs)
  5. Anti-VM and Anti-debugging tricks
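
As an added example (not CQURE course code), the Python script below shows how DGA-generated domains are spotted in DNS logs, which also ties into the SIEM rule building of Module 7. It combines per-label lexical features (entropy, vowel ratio, digits, consonant runs) with the NXDOMAIN burst that a DGA produces when most of its candidate domains are unregistered. The log lines, their field layout, the thresholds and the domain names are constructed for the illustration.

```python
"""DGA-style domain spotting over DNS log lines (added example, not CQURE course code).

Two signals used together: per-label lexical features (entropy, vowel
ratio, digits, consonant runs) and the NXDOMAIN burst a DGA produces when
most of its candidate domains are not registered.  The log lines, field
layout and thresholds are constructed for this illustration.
"""
import math
from collections import Counter, defaultdict
from typing import Dict, List

VOWELS = set("aeiou")
MIN_LABEL_LEN = 8        # shorter labels are too ambiguous for lexical scoring
NXDOMAIN_THRESHOLD = 3   # per-client NXDOMAIN count that merits a look

# Constructed log, one query per line: "<timestamp> <client> <queried name> <rcode>"
LOG_LINES = [
    "2024-05-02T10:14:03Z 10.0.0.15 www.example.com NOERROR",
    "2024-05-02T10:14:05Z 10.0.0.15 qzvxkjprtwmbnfg.net NXDOMAIN",
    "2024-05-02T10:14:05Z 10.0.0.15 a7f9k2mq3xzt8p.com NXDOMAIN",
    "2024-05-02T10:14:06Z 10.0.0.15 kxq7wnzv.org NXDOMAIN",
    "2024-05-02T10:14:06Z 10.0.0.15 pwbxrtqzmlkh.net NXDOMAIN",
    "2024-05-02T10:14:09Z 10.0.0.22 myveryfavoriteshop.com NOERROR",
    "2024-05-02T10:14:10Z 10.0.0.22 cdn.example.net NOERROR",
    "2024-05-02T10:14:11Z 10.0.0.22 mail.example.org NXDOMAIN",
]


def shannon_entropy(text: str) -> float:
    """Entropy of the character distribution, in bits per character."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())


def registrable_label(qname: str) -> str:
    """Second-level label, e.g. 'example' from 'www.example.com'.
    Simplification: production code must consult the Public Suffix List
    so that 'shop.example.co.uk' does not yield 'co'."""
    parts = qname.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def label_features(label: str) -> Dict[str, float]:
    n = len(label)
    run = best = 0
    for ch in label:
        # a consonant run is broken by vowels and digits alike
        if ch.isalpha() and ch not in VOWELS:
            run += 1
            best = max(best, run)
        else:
            run = 0
    return {
        "length": n,
        "entropy": shannon_entropy(label),
        "vowel_ratio": sum(ch in VOWELS for ch in label) / n,
        "digit_ratio": sum(ch.isdigit() for ch in label) / n,
        "max_consonant_run": best,
    }


def is_dga_like(label: str) -> bool:
    """Score independent lexical signals; any two together flag the label.
    Entropy alone is not enough: a long dictionary-word name can score as
    high as a random one, which is why vowel ratio and runs are consulted."""
    f = label_features(label)
    if f["length"] < MIN_LABEL_LEN:
        return False
    score = sum((
        f["entropy"] >= 3.5,
        f["vowel_ratio"] < 0.25,
        f["digit_ratio"] > 0.2,
        f["max_consonant_run"] >= 5,
    ))
    return score >= 2


def analyze_log(lines: List[str]) -> dict:
    """Flag DGA-looking names and clients with an NXDOMAIN burst."""
    dga_like: List[str] = []
    nxdomain: Dict[str, int] = defaultdict(int)
    for line in lines:
        _ts, client, qname, rcode = line.split()
        if rcode == "NXDOMAIN":
            nxdomain[client] += 1
        if is_dga_like(registrable_label(qname)) and qname not in dga_like:
            dga_like.append(qname)
    return {
        "dga_like": dga_like,
        "nxdomain_by_client": dict(nxdomain),
        "suspicious_clients": sorted(c for c, n in nxdomain.items() if n >= NXDOMAIN_THRESHOLD),
    }


if __name__ == "__main__":
    for key, value in analyze_log(LOG_LINES).items():
        print(f"{key}: {value}")
```

Note the deliberate miss in the constructed data: the eight-character kxq7wnzv.org is not flagged by the lexical score, because short labels carry too little signal, yet the client that queried it still surfaces through its NXDOMAIN count. In practice the two signals are combined in a SIEM rule (lexical score on the query name, NXDOMAIN rate per source over a short window) rather than relied on individually.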

Module 7: Defense against Malware

  1. Types of defenses against malware
  2. Antivirus and antimalware solutions and bypass techniques
  3. AI and ML in security
  4. Exploit Guard
  5. Overview of application whitelisting solutions
  6. Leveraging Microsoft Defender XDR
  7. Usage of SIEM solutions and building rules and workflows

Module 8: Implementing Network Whitelisting

  1. IPS and IDS solutions in the fight against malware
  2. Firewalls and analysis of incoming traffic
  3. Blocking outgoing traffic with Windows Firewall as a countermeasure against malware calling home
  4. Increasing network security with 802.1X

Module 9: Implementing Application Whitelisting

  1. Software Restriction Policies – good or bad?
  2. AppLocker – a secure way of whitelisting applications
  3. Device Guard security in the fight against malware

Module 10: Implementing and Maintaining Whitelisting on the Enterprise Scale

  1. Working with application identity
  2. Code signing in application whitelisting
  3. Application reputation filters
  4. Planning and implementing application whitelisting in enterprise without paralyzing business

Certification

After finishing the course you will be granted a CQURE Certificate of Completion. You will also be eligible for CPE points!

FAQ – Advanced Malware Hunting & Prevention

Duration: 5 days (35 hours)
Format: Classroom or live online with virtual labs
Certification: Lifelong CQURE Certificate of Completion

What will I learn on this course?

You will gain advanced, practical skills in malware analysis, hunting and prevention in enterprise environments. The course combines the offensive techniques used by attackers with defensive strategies for detecting, stopping and preventing advanced threats.

Among other things, you will learn:

  • Static and dynamic malware analysis
  • Use of YARA and memory analysis
  • Analysis of network traffic and system behaviour
  • Detection of persistence and stealth techniques
  • Defence with Microsoft Defender XDR and SIEM
  • Implementation of application and network whitelisting
  • How to build robust preventive security strategies

Who is the course for?

The course is particularly relevant for:

  • Enterprise administrators
  • Infrastructure architects
  • Security professionals
  • Systems engineers
  • Network administrators
  • Security consultants
  • IT professionals with security responsibilities

What prior knowledge is required?

You should have experience from enterprise or infrastructure environments and a general understanding of IT security. This is an advanced course and is not suitable for beginners in cybersecurity.

You will also need:

  • A stable internet connection
  • A webcam, microphone and headphones
  • RDP port 3391 reachable for access to the lab environment
  • Zoom for the teaching sessions

How is the course delivered?

The course is delivered as an international live virtual class over five intensive days.

You get:

  • Direct instruction from CQURE Cybersecurity Experts
  • Interaction with participants from around the world
  • Practical lab exercises in realistic environments
  • A limited number of participants for close follow-up
  • Lifelong certification after completing the course

Is the course hands-on?

Yes. The course is strongly hands-on. You work in sandbox and lab environments where you analyse real malware scenarios, perform detection, build rules and implement defensive mechanisms.

What does the course content cover?

The course covers, among other things:

  • Malware history and APTs
  • Static analysis of executable files
  • Identification of obfuscation and packed files
  • YARA pattern matching
  • Behavioural analysis and malware detonation
  • Analysis of PowerShell, Office documents and script-based attacks
  • Persistence and stealth techniques
  • Domain Generation Algorithms
  • Anti-VM and anti-debugging
  • Microsoft Defender XDR and SIEM
  • Network and application whitelisting
  • Enterprise-scale security implementation

Do I learn both hunting and prevention?

Yes. The course covers the whole spectrum:

  • How malware works
  • How it is detected
  • How it is analysed
  • How it is stopped
  • How to build a preventive security architecture

Do I receive a certification?

Yes. After completing the course you receive a lifelong Certificate of Completion from CQURE. The certificate does not require renewal.

What makes this course different from other malware courses?

The course combines:

  • Technical depth
  • Real attack techniques
  • Enterprise-scalable prevention
  • Hands-on labs
  • Instructors with extensive practical experience

It focuses not only on analysis but also on how you implement lasting security measures in your organisation.

What will I take away from the course?

You will be able to:

  • Analyse and understand advanced malware
  • Detect compromise through IOCs
  • Use YARA and memory analysis effectively
  • Implement whitelisting in the enterprise
  • Improve your organisation's malware defences
  • Design robust preventive security strategies