Learning Paths

Malware Analysis

  • Number of Courses13 courses
  • Duration30 hours
  • Skill IQ available Skill IQ

In today’s threat landscape, sophisticated adversaries have routinely demonstrated the ability to compromise enterprise networks and remain hidden for extended periods of time. To achieve this, malware authors employ a wide variety of obfuscation and anti-analysis techniques at each phase of an attack. Developing the skills necessary as a malware analyst to properly detect, triage and reverse engineer advanced attacker intrusion tactics and techniques requires experience and a diverse set of tools and skills. In this path you will develop the skills and knowledge necessary to analyze malicious office documents, dig deep into native and interpreted code through disassembly and decompilation, identify and defeat prevalent obfuscation techniques. The courses in this path with take you from malware analysis basics to advanced topics so that you can generate valuable threat intelligence to aid in your efforts to defend your organization, respond more effectively to an incident or gain deeper understanding of the latest malware threats.

This skills path may assist in attaining the knowledge and skills outlined in the NICE Cybersecurity Workforce Framework in the following areas: K0259 & K0479 Knowledge of malware analysis concepts and methodologies. S0131 Skill in analyzing malware.

Courses in this path

Beginner

In this section, you will be introduced to the key concepts associated with performing malware analysis. You will learn how malicious actors attack organizations, users and endpoints and how you can begin to analyze the artifacts associated with these attacks. Finally, you will apply everything you have learned to begin to develop a workflow for performing malware analysis, identifying key indicators of compromise and the ability to create a narrative around an incident.

Malware Analysis: The Big Picture

  • by Christopher Rees
  • 2h 13m Duration
  •  (42)

Getting Started Analyzing Malware Infections

  • by Cristian Pascariu
  • 2h 17m Duration
  •  (36)

Malware Analysis Fundamentals

  • by Tyler Hudak
  • 3h 20m Duration
  •  (150)

Intermediate

In this section, you will learn how to leverage many industry standard tools for analyzing and reverse engineering malware. You will gain a deeper understanding of reverse engineering and how to apply those skills to analyzing malware. You will also explore many prevalent obfuscation techniques used by malware authors to disrupt detection and analysis and develop effective strategies for identifying and defeating those techniques.

Performing Malware Analysis on Malicious Documents

  • by Tyler Hudak
  • 2h 59m Duration
  •  (53)

Analyzing Malware for .NET and Java Binaries

  • by Josh Stroschein
  • 1h 42m Duration
  •  (35)

Getting Started with Reverse Engineering

  • by Josh Stroschein
  • 3h 40m Duration
  •  (75)

Security for Hackers and Developers: Reverse Engineering

  • by Dr. Jared DeMott
  • 2h 3m Duration
  •  (53)

Reverse Engineering Malware with Ghidra

  • by Josh Stroschein
  • 1h 34m Duration
  •  (39)

Malware Analysis: Identifying and Defeating Code Obfuscation

  • by Josh Stroschein
  • 2h 22m Duration
  •  (20)

Malware Analysis: Identifying and Defeating Packing

  • by Josh Stroschein
  • 2h 17m Duration
  •  (27)

Advanced

In this section, you will learn how malware authors can employ anti-analysis techniques to trick your analysis tools. These techniques, when successful, can be used to bypass your analysis workflow and are vital as a malware analyst to identify. You will also continue to explore the inner workings of sophisticated malware to learn how it works and how you can effectively unravel it.

Advanced Malware Analysis: Combating Exploit Kits

  • by Dr. Jared DeMott
  • 2h 23m Duration
  •  (53)

Defeating Anti-reverse Engineering and Anti-debugging Techniques

  • by Josh Stroschein
  • 1h 53m Duration
  •  (17)

Advanced Malware Analysis: Ransomware

  • by Cristian Pascariu
  • 1h 29m Duration
  •  (34)

Learn with the best

Christopher Rees
Christopher Rees
Chris is a professional information technologist, trainer, manager and lifelong learner. He is married with 3 beautiful children and interested in martial arts, working out, spending time with family and friends and being creative whenever possible. He has created a number of IT Certification training courses over the past 10 years and really enjoys helping people advance their careers through training and personal development.
Cristian Pascariu
Cristian Pascariu
Cristian took part in auditing and implementation of infosec capabilities to uplift security posture. He managed codification efforts to extract indicators of compromise and created rules in the scope of defending against new emerging threats. He has also developed tools and scripts to overcome security gaps within the corporate network. Cristian has mentored L1 and L2 analysts to increase triage efficiency and combat new threats. He has experience in the field of Application Security and has pr... more
Tyler Hudak
Tyler Hudak
Tyler Hudak has more than 15 years of extensive real-world experience in incident handling, malware analysis, computer forensics, and information security for multiple Fortune 500 firms. He has spoken and taught at a number of security conferences on the topics of malware analysis, incident response, and penetration testing, and brings his frontl ine experience and proven techniques to bear in his training.
Josh Stroschein
Josh Stroschein
Josh is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is a reverse engineer at Google (Chronicle), where he focuses on tackling the latest threats. Josh is an accomplished trainer, providing training at places such as Ring Zero, BlackHat, Defcon, Toorcon, Hack-In-The-Box, Suricon, and other public and private venues. Josh is also an author on Pluralsight, where he publishes content around malware analysis, reverse engineering, and... more
Dr. Jared DeMott
Dr. Jared DeMott
Dr. Jared DeMott is an engineer, entrepreneur, and security leader. DeMott previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB, etc. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer ... more

Join our learners and upskill
in leading technologies