We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

Accept and Close


Ask a question?

If you want to know anything about the course, we’re here to help.


Hunt APTs with Yara like a GReAT Ninja

Have you ever wondered how Kaspersky discovered some of the world’s most famous APT attacks? Now, the answer is within your reach - from the comfort of your home. Our brand new online training will lead you through an essential tool for every APT hunter: the Yara detection engine.

This self-paced training includes a hands-on virtual lab with lots of exclusive exercises from real world cases.

Hands-on training

Use our virtual lab to complete 20+ practical exercises, all based on Kaspersky’s exclusive APT research.

Become more efficient

Take your cybersecurity skills to the next level by learning how to identify threats quicker and with less effort.

Learn from the best

Kaspersky experts are threat hunting pioneers. Now you can discover how YARA helps them uncover APTs that nobody else can find.

Register now
and save $100 with our
limited-time launch offer

No commitment to buy. No credit card needed.

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

Costin Raiu

Course author:

Costin Raiu,

Director of GReAT

PlaySee Costin in a FREE Brighttalk webinar Follow @craiu

Costin is Director of Kaspersky’s industry leading Global Research and Analysis Team (GReAT), the team that researched the inner workings of Stuxnet, Duqu, Flame, Carbanak, Turla, Lazarus, the Equation Group and many more. Costin has over 25 years’ experience in cybersecurity and specialises in analysing Advanced Persistent Threats and high-level malware attacks. He is a member of the Virus Bulletin Technical Advisory Board and the Computer AntiVirus Researchers’ Organization (CARO) as well as a reporter for the Wildlist Organization International.

About the course

Hunt APTs with Yara Like a GReAT Ninja is suitable for both beginners and experienced Yara users - no hardcore reverse engineering skills are needed. If you are a security researcher or incident responder, malware analyst, security engineer, network security analyst, APT researcher or work in IT security the course will help take your skills to the next level.

Register Now
Why Yara?

Why Yara?

For InfoSec professionals

  • Advance your career as a threat hunter
  • Hunt threats more efficiently
  • Find APT samples on VirusTotal
  • Build effective APT detection strategies

For enterprises

  • Find new malware samples, new exploits and zero-days
  • Speed up incident response
  • Increase your defences with custom rules
What you'll learn

What you'll learn

  • Intro to Yara syntax
  • Tips & tricks to create fast and effective rules
  • How to use Yara generators
  • Testing Yara rules for false positives
  • How to hunt new undetected samples on VT
  • How to use external modules within Yara for effective hunting
  • Secrets of anomaly search
  • Lots of real-life examples
  • A set of exercises for improving your Yara skills.
Practical Outcomes

Practical outcomes

During this training you will learn how to write the most effective Yara rules, how to test them and improve them to the point where they find threats that nobody else does.

Through 20+ exercises, all based on real cases, you will be able to test their YARA rules using Kaspersky tools and access to our industry-leading collection of samples.