Malware Analysis Fundamentals
This course provides a beginner-level introduction to the tools and methodologies used to perform malware analysis on executables found in Windows systems using a practical, hands-on approach. The course introduces students to decompilation with Ghidra and to Windows technologies that are prevalent in malware, such as WMI, .NET, and PowerShell. This session is taught by FLARE malware analysts who are experienced in analyzing a diverse set of malware.
Intelligence Research II—Open Source Intelligence (OSINT) Tools & Techniques
This foundational course teaches students to identify and develop pivot points or leads in investigations across multiple use cases. Students will review the basic functions of open source tools and learn when and why to use them in their research. They will apply their skills to several scenarios drawn from frontline experience, including executive-level RFIs, incident response investigations, and information operation campaigns.
Windows Enterprise Incident Response
This intensive two-day course is designed to teach the fundamental investigative techniques needed to respond to today’s cyber threats. The fast-paced course is built upon a series of hands-on labs that highlight the phases of a targeted attack, sources of evidence and principles of analysis. Examples of skills taught include how to conduct rapid triage on a system to determine whether it is compromised, uncover evidence of initial attack vectors, recognize persistence mechanisms and investigate an incident throughout an enterprise.