Behavioral Malware Analysis teaches you all the fundamental skills necessary to analyze malicious software from a behavioral perspective. Using system monitoring tools and analytic software, this course teaches how to observe malware in a controlled environment to quickly analyze its malicious effects on the system. From simple keyloggers to massive botnets, this class covers a wide variety of current threats from today’s internet, with actual samples being analyzed in the training environment. With the majority of the class being hands-on, each student will be issued a computer with a secure environment to learn the skills and essential methodologies required to be an effective malware analyst.
Cyber threats are increasing at an alarming rate every year, and it has become much more difficult for organizations to defend against full-scale, distributed attacks quickly and effectively. An Intrusion Detection System (IDS) affords security administrators the ability to automate the process of identifying attacks amongst the thousands of TCP and UDP conversations on their network, provided the IDS’s signatures are well written. Taught by leaders in network defense who work in the computer security industry, this course demonstrates how to defend large-scale network infrastructure by building and maintaining intrusion detection systems and mastering advanced signature writing techniques. With an IDS and trained network security auditors, organizations have a reliable means to prioritize and isolate the most critical threats in real time.
Mainstream media coverage of hacker groups and their exploits has left the public thinking that all of cyber security is black magic. While many attacks involve some advanced networking and coding techniques, the majority of compromises are carried out by much less sophisticated attackers. The majority of these individuals have learned the process of compromising servers and networks in the same way that all of us have learned technology: by researching online. The days of creating and compiling your own exploit code are long past. Most attackers are using “point and pwn” utilities like Armitage, Cain & Abel, and the Social-Engineer Toolkit (SET) to cause havoc for organizations worldwide. We believe that to emulate the various cyber threat vectors, it is critical to understand what most attacks have in common: their methodology. Bringing together decades of experience in government, commercial and academic cyber security training and consulting, our instructors have developed and implemented multiple threat emulation methodologies. While methodologies change over time to account for new technologies and techniques, the concepts involved remain constant. This course provides a flexible methodology for use in emulating external and internal network intrusion threat vectors.
Uncover System Intrusions by Identifying Malicious Network Activity. There is a tremendous number of network-based attacks to be aware of on the internet today, and the number is increasing rapidly. You can’t defend against these lethal network attacks if you don’t know about them or if you’ve never seen what they look like at the packet level. This course teaches you how to analyze, detect and understand all the network-based attacks that we could find being used today in modern network warfare. From Layer 2 attacks against network devices through complex botnets and specific application vulnerabilities, this class will fulfill your desire to see what these attacks look like. We even show you how to detect attacks using Flow Analysis if you don’t have network packets to analyze or you only have statistical information at your disposal. We’ll use the popular protocol analyzer Wireshark and session analysis tool NetWitness alongside custom tools developed by ANRC networking experts to show you how to detect these network attacks and be prepared to handle them.
Network Traffic Analysis will enable students to differentiate between normal and abnormal network traffic. The course focuses on research, filtering and comparative analysis to identify the different types of activity on a network and attribute their source. A subject matter expert will teach you security-related tactics, techniques and procedures for performing network analysis in today’s ever-changing threat landscape. You’ll learn to follow conversations through redirection as well as how to develop custom filters for non-dissected protocols. After attending this course, students will be able to home in on the key events in a traffic capture and reconstruct the event timeline.