
This event has passed

Pattern Recognition, Analysis and Profiling Class, February 2019

CyberDefenses Academy



February 26 - 28


NCFTA Training Facility, 2000 Technology Dr. Suite 450, Pittsburgh, PA 15219

Delivery Method



May be eligible for CPE credit. Check with your accreditation representative.

Audience / Level



Basic familiarity with cybersecurity topics, Linux Operating System and Command Line Interface (CLI)


Laptop required

Course Details

Program Introduction

Offered in partnership with the National Cyber-Forensics and Training Alliance

This immersive threat intelligence and cyber-forensics course digs deep into recognizing cybercrime patterns in data from real-life events. It ranges from working through large bundles of data to finding patterns in diverse streams of information. Attendees gain a grounded understanding of data pattern analysis through an introduction to patterns and regular expressions, and develop their skills through practice. Students participate in a series of labs that apply these techniques to find, solve, and investigate data.

This training is hands-on, and attendees work directly with CyberDefenses and NCFTA personnel. Attendees will become familiar with a variety of analytical techniques and open source tools to recognize, analyze, and profile data, organizations and individuals.

Basic familiarity with cybersecurity topics, the Linux operating system and the Command Line Interface (CLI) will assist in understanding topics in this course.

CyberDefenses and the National Cyber-Forensics and Training Alliance (NCFTA) offer law enforcement, industry and academia training courses on the current cyber-threat landscape. This training course combines lectures and hands-on exercises delivered by CyberDefenses, NCFTA personnel and other subject matter experts.

Course Objectives

  • Define and recognize patterns
  • Build patterns with common tools such as E/Grep, Sed, Awk and Regex
  • Understand YARA, how it works, its uses and how it can be employed to define patterns to find files or information in files, regardless of type or state
  • Navigate large dumps of data, using pattern matching techniques to separate, categorize and explore the data
  • Learn fundamentals of cluster analysis, its uses, and how it can aid in classifying and predicting certain types of activity
  • Profile data via various analytical techniques, such as point pattern analysis to understand events or spatial analysis to understand the reach, impact or measure of effect for an event, threat actor or cyber operation
  • Develop intelligence reporting based on the analysis performed

Target Student

Members of law enforcement, industry or academia who are tasked with or interested in learning how to advance their investigative skills to solve cyber crime as well as other types of criminal cases. Inquire about discounts for law enforcement, veterans and NCFTA members at


Monty St John
Monty St John is a computer science and information security expert, U.S. Navy and U.S. Air Force veteran, certified instructor, and author of dozens of classes for CyberDefenses. He has helped numerous companies build and accredit laboratories, threat teams, and security operations centers. He’s also a game designer, speaker, and prolific writer with two upcoming technical volumes set for 2018.

Additional Information

Course Outline

  • I. Introduction to Patterns
    • A. Pattern Recognition
    • B. Pattern Creation
    • C. Parsing Data
    • D. Regular Expressions
  • II. Introduction to the malware research tool YARA
    • A. Crafting YARA Rules
    • B. Analyzing Files
    • C. Profiling with YARA
  • III. Complex Pattern Analysis
    • A. Complex Pattern Recognition
    • B. Complex Pattern Creation
    • C. Analyzing Complex Patterns