Course info
Rating: (10)
Level: Intermediate
Updated: Nov 21, 2019
Duration: 1h 26m
Description

In this course, Setting Up a Malware Analysis Lab, Aaron Rosenmund and Tyler Hudak discuss why you need to have your own malware analysis lab. There are a variety of roles outside of reverse engineering that perform dynamic analysis of malware samples. Having the skills to identify the indicators of compromise makes you invaluable to incident response and security operations teams. You will learn not only how to build a virtual machine, but also how to modify the operating system to trick the malware into believing it is in a safe place to detonate, what tools to use, and how to run them in your own malware analysis lab.

About the author

Tyler Hudak has more than 15 years of experience performing malware analysis, computer forensics, and incident response for multiple organizations. He loves sharing the knowledge he has gained on these topics in his presentations and classes!

More from the author
Malware Analysis and Detection: Trickbot (Intermediate, 1h 30m, Nov 15, 2019)
Hunting for Fileless Malware (Intermediate, 1h 41m, Dec 18, 2018)
About the author

Aaron M. Rosenmund is a cyber security operations and incident response subject matter expert, with a background in federal and business system administration, virtualization and automation.

More from the author
Command and Control with Covenant (Intermediate, 20m, Dec 31, 2019)
Section Introduction Transcripts

Course Overview
Hey everyone. I'm Aaron Rosenmund, a staff author for Pluralsight focused on security operations, incident response, and a part‑time member of the Florida International Guard working in defensive cyber operations.

Hey, this is Tyler Hudak. I do incident response as my primary job. I'm a Pluralsight author and have been analyzing malware for a number of years.

Welcome to our Play by Play on Setting Up a Malware Analysis Lab. Malware authors continue to advance their methods, tactics, and techniques to evade defenses, hide in your environments, and steal or hold your information at ransom. The ability to identify new indicators of compromise extracted from new strains of malware released daily is now more important to the success of your security operations team and the protection of your organization than ever. In this course, we'll cover setting up virtual machine software to emulate a real device, configuring Windows to look like a realistic environment, and some of the tools that we'll use going forward to analyze malware in future Play by Plays. By the end of this Play by Play, you should feel comfortable creating a malware sandbox and beginning dynamic analysis on malware samples. You'll also be able to follow along with the Play by Plays in this series, where we're going to talk about the analysis of new and prolific malware samples to extract indicators of compromise for you to use to hunt for infections in your environment. We hope you'll join us on this journey to learn how to set up a malware analysis lab in this Play by Play, at Pluralsight.