Don't second guess. Go with experience.

This event has passed

Pattern Recognition, Analysis and Profiling Class

CyberDefenses Academy


Available Upon Request - Contact us to request this course, or join the waitlist to be emailed when this product becomes available


December 11-13


CyberDefenses Training Facility 1205 Sam Bass Road, Ste 300 Round Rock, TX 78681

Delivery Method



May be eligible for CPE credit. Check with your accreditation representative.

Audience / Level



Basic familiarity with cybersecurity topics, Linux Operating System and Command Line Interface (CLI)


Laptop required

Course Details

Program Introduction

Offered in partnership with the National Cyber-Forensics and Training Alliance

This immersive threat intelligence, cyber-forensics course digs deep into recognizing cybercrime patterns in data from real-life events, from large bundles of data to finding patterns in diverse streams of information. It aims to provide attendees with a grounded understanding of data pattern analysis. The course introduces students to patterns and regular expressions and then students can develop skills via practice in a series of labs to leverage the techniques to find, solve, and investigate data.

This training will be hands-on, with attendees working directly with CyberDefenses and NCFTA personnel. Attendees will become familiar with a variety of analytical techniques and open source tools to recognize, analyze, and profile data, organizations and individuals.

Basic familiarity with cybersecurity topics, Linux operation system and Command Line Interface (CLI) will assist in understanding topics in this course.

CyberDefenses and the National Cyber-Forensics and Training Alliance (NCFTA) offers law enforcement, industry and academia training courses on the current cyber-threat landscape. This training course combines lectures and hands-on exercises delivered by CyberDefenses and NCFTA personnel and other subject matter experts.

Course Objectives

  • Define and recognize patterns
  • Build patterns with common tools such as E/Grep, Sed, Awk and Regex
  • Understand YARA, how it works, its uses and how it can be employed to define patterns to find files or information in files, regardless of type or state
  • Navigate large dumps of data, using pattern matching techniques to separate, categorize and explore the data
  • Learn fundamentals of cluster analysis, its uses, how it can aid in classifying and predicting certain types of activity
  • Profile data via various analytical techniques, such as point pattern analysis to understand events or spatial analysis to understand the reach, impact or measure or effect for an event, threat actor or cyber operation
  • Develop intelligence reporting based on the analysis performed

Target Student

Member of law enforcement, industry or academia who are tasked with or interested in learning how to advance their investigative skills to solve cyber crime as well as other types of criminal cases.


Monty St John
Monty St John is a computer science and information security expert, U.S. Navy and U.S. Air Force veteran, certified instructor, and author of dozens of classes for CyberDefenses. He has assisted numerous companies build and accredit laboratories, threat teams, and security operations centers. He’s also a prolific writer with two upcoming technical volumes set for 2018; Game Designer and Speaker.Learn more about Monty St John

Additional Information

Course Outline

I. Introduction to Patterns A. Pattern Recognition B. Pattern Creation C. Parsing Data D. Regular ExpressionsII. Introduction to the malware research tool YARA A. Crafting YARA Rules B. Analyzing Files C. Profiling with YARAIII. Complex Pattern Analysis A. Complex Pattern Recognition B. Complex Pattern Creation C. Analyzing Complex PatternsView the Syllabus 

Contact CyberDefenses today to learn how we can help your company’s cybersecurity needs.