Pattern Recognition, Analysis and Profiling Class, February 2019

CyberDefenses Academy

$895.00

Schedule

February 26 - 28

Location

NCFTA Training Facility, 2000 Technology Dr. Suite 450, Pittsburgh, PA 15219

Delivery Method

Classroom

Certification

May be eligible for CPE credit. Check with your accreditation representative.

Audience / Level

Beginner

Prerequisites

Basic familiarity with cybersecurity topics, Linux Operating System and Command Line Interface (CLI)

Requirements

Laptop required

Course Details

Program Introduction

Offered in partnership with the National Cyber-Forensics and Training Alliance

This immersive threat intelligence and cyber-forensics course digs deep into recognizing cybercrime patterns in data from real-life events. It ranges from navigating large bundles of data to finding patterns in diverse streams of information. Attendees gain a grounded understanding of data pattern analysis through an introduction to patterns and regular expressions, and develop their skills through practice. Students participate in a series of labs that apply these techniques to find, solve, and investigate data.

This training is hands-on, working directly with CyberDefenses and NCFTA personnel. Attendees will become familiar with a variety of analytical techniques and open source tools to recognize, analyze, and profile data, organizations and individuals.

Basic familiarity with cybersecurity topics, the Linux operating system and the Command Line Interface (CLI) will assist in understanding the topics in this course.

CyberDefenses and the National Cyber-Forensics and Training Alliance (NCFTA) offer law enforcement, industry and academia training courses on the current cyber-threat landscape. This training course combines lectures and hands-on exercises delivered by CyberDefenses, NCFTA personnel and other subject matter experts.

Course Objectives

  • Define and recognize patterns
  • Build patterns with common tools such as E/Grep, Sed, Awk and Regex
  • Understand YARA, how it works, its uses and how it can be employed to define patterns to find files or information in files, regardless of type or state
  • Navigate large dumps of data, using pattern matching techniques to separate, categorize and explore the data
  • Learn fundamentals of cluster analysis, its uses, how it can aid in classifying and predicting certain types of activity
  • Profile data via various analytical techniques, such as point pattern analysis to understand events or spatial analysis to understand the reach, impact or measure of effect for an event, threat actor or cyber operation
  • Develop intelligence reporting based on the analysis performed

Target Student

Members of law enforcement, industry or academia who are tasked with or interested in learning how to advance their investigative skills to solve cyber crime as well as other types of criminal cases. Inquire about discounts for law enforcement, veterans and NCFTA members at academy@cyberdefenses.com.

Instructor

Monty St John
Monty St John is a computer science and information security expert, U.S. Navy and U.S. Air Force veteran, certified instructor, and author of dozens of classes for CyberDefenses. He has helped numerous companies build and accredit laboratories, threat teams, and security operations centers. He’s also a prolific writer with two upcoming technical volumes set for 2018, as well as a game designer and speaker.

Additional Information

Course Outline

  • I. Introduction to Patterns
    • A. Pattern Recognition
    • B. Pattern Creation
    • C. Parsing Data
    • D. Regular Expressions
  • II. Introduction to the malware research tool YARA
    • A. Crafting YARA Rules
    • B. Analyzing Files
    • C. Profiling with YARA
  • III. Complex Pattern Analysis
    • A. Complex Pattern Recognition
    • B. Complex Pattern Creation
    • C. Analyzing Complex Patterns