Expert-Level Course: “Practical Malware Analysis for Incident Response” (2024)

Focus

Intensive, hands-on training for the identification, analysis, and understanding of malware samples in the context of security incidents.

Objectives

  • Learn how to identify, extract, and analyze malware samples as part of the incident response lifecycle.
  • Understand malware behavior and its persistence, communication, and evasion techniques.
  • Use practical tools for static and dynamic malware analysis.

Program

  • (Brief) introduction to malware analysis
  • Setting up a controlled analysis environment
  • Static malware analysis
  • Dynamic malware analysis
  • Extraction of Indicators of Compromise (IoCs)
  • Documentation and report writing

Target Audience

  • Cybersecurity professionals seeking to acquire advanced malware analysis skills.
  • Members of incident response teams (CSIRT/SOC).
  • Security analysts who want to understand how malware works for prevention and response purposes.

Preferred Requirements for the Expert Course

Prior Knowledge

Desirable: cybersecurity concepts, programming, command-line usage on Unix systems, and basic system and network administration concepts.

Required Materials

Personal computer capable of running virtual machines and Docker systems.

Instructor

  • Ricardo J. Rodríguez – PTU in the area of Programming Languages and Computer Systems, Department of Computer Science and Systems Engineering, University of Zaragoza.

Schedule, Dates, and Location

  • Dates: December 4 and 10, 2024
  • Location: University of Zaragoza. Río Ebro Campus. Ada Byron Building (Room A.12). C/ María de Luna, 3, 50018, Zaragoza
  • Maximum number of participants: 15 people
  • Total duration: 6 hours
  • Schedule:
    • Wednesday, December 4 (17:00–19:00)
    • Tuesday, December 10 (15:00–19:00)

Registration

Registration closed