Regular Expressions and Pattern Analysis

CyberDefenses Academy



Available Upon Request


Available Upon Request

Delivery Method

Classroom & Online


Certification of Completion

Audience / Level





Laptop required

Course Details

Program Introduction

A regular expression (regex or regexp for short) is a special text string for describing a search pattern. Regular expressions consist of constants, which denote sets of strings, and operator symbols, which denote operations over these sets. Informally, you can think of regular expressions as wildcards on steroids.

Patterns are a discernible arrangement or sequence, in a string, in an action or situation, etc. Pattern matching is the checking of a sequence of tokens for the presence of the constituents of some pattern. It is the basics of what we do with regular expressions. Patterns can have the form of a sequence or a tree structure. Pattern analysis is the process of finding general relationships in a set of data.

Students are introduced to patterns and regular expressions of patterns and then guided via a series of labs to leverage the techniques to find, solve and investigate data.

Course Objectives

  • It’s designed for those with a background in threat intelligence with a need for greater understanding and practical application of pattern analysis.
  • It conveys the necessary concepts, principles and terms to lay down a solid foundation.
  • It is a comprehensive course for those with an interest in Regular Expressions and Pattern Analysis.

Target Student

  • Individuals desiring a better understanding of Regular Expressions and Pattern Analysis.
  • Professionals who deal with technical issues, but feel they do not have enough background in recognizing and defining patterns and regular expressions.
  • Technical professionals that need to be armed with greater knowledge of incident response, pattern analysis, regular expressions, and their role in resolving incidents.


Monty St John
Monty St John is a computer science and information security expert, U.S. Navy and U.S. Air Force veteran, certified instructor, and author of dozens of classes for CyberDefenses. He has assisted numerous companies build and accredit laboratories, threat teams, and security operations centers. He’s also a prolific writer with two upcoming technical volumes set for 2018; Game Designer and Speaker. More about Monty St John here

Additional Information

  • Laptop required
  • Requires basic knowledge of computers, technology and command line interface (CLI)
    • Open and operate browsers
    • Find and use command line
    • Execute scripts
  • Prior threat intelligence, incident response, infosec, or forensics experience a plus
  • Understanding of virtual machines (VM) and how to use one.
    • Understand how to import and power on a VM

Course Outline

  • Introduction
  • Patterns, defined
  • Recognizing patterns
  • Analyzing patterns
    • Point Patterns
    • Pattern of Life
  • Pattern Language
    • Grep & Egrep
    • Sed
    • Awk
    • Regex
  • Pattern Calculus with YARA
  • Case Study: Credential Dumps
  • Wrap-up & Close