Course info
Level: Intermediate
Updated: Jun 25, 2019
Duration: 1h 14m
Description

Traditional hash-based detections are lagging behind when it comes to advanced malware threats. In this course, Threat Hunting with Yara, you will gain the ability to use Yara to identify and classify malicious artifacts. First, you will discover how to write effective rules. Next, you will craft detections based on patterns identified in suspicious binaries. Finally, you will explore strategies for hunting at scale using Yara rules with other security capabilities. When you're finished with this course, you will have the skills and knowledge to hunt for threats with Yara when responding to security incidents.

About the author

Cristian is an Information Security Professional with experience in supply chain, manufacturing, gaming, and entertainment sectors for Fortune 500 companies. He has provided expertise in incident response cases by performing forensic investigations, malware analysis, and elaborating mitigation plans against complex cyber attacks.

More from the author
Advanced Malware Analysis: Ransomware (Advanced, 1h 30m, Jan 24, 2019)
Section Introduction Transcripts

Course Overview
(Music) Hello, everyone. My name is Cristian Pascariu, and welcome to my course, Threat Hunting with Yara. I am an information security professional and have gained valuable experience with Yara that I want to share with you. With most of the hash-based signature detections falling behind modern threats, Yara brings pattern-based detection capabilities to find malicious signatures that persist among similar malware samples. In this course, we are going to uplift your threat detection and classification skills through a series of modules and practical examples. We will be creating efficient rules and using existing ones to hunt malicious artifacts. Some of the major topics that we'll cover include identifying patterns in suspicious files with Yara, codifying signatures into detection rules, hunting for threats across your environment, and leveraging threat intelligence to enrich detections. By the end of this course, you'll know how to make use of Yara when responding to security incidents to establish the root cause of the infection, as well as crafting signatures to protect your environment in the future. Before beginning this course, you should be familiar with basic security concepts within the field of incident response. From here, you should feel comfortable diving into threat hunting with courses on malware analysis and forensics. I hope you'll join me on this journey to learn how to classify and detect modern threats with the Threat Hunting with Yara course at Pluralsight.