X
X
X
The best way to learn Suricata rules is by actually writing them! Take the chance to meet real-life cases like Copper Stealer malware and HQWar Android dropper to safely put your newfound knowledge into practice.
Stay ahead of the game with the latest tips, tricks, and techniques for creating and implementing Suricata rules. Learn the most cutting-edge methods for network security to keep pace with the rapidly evolving world of cybersecurity.
Start your acquaintance with Suricata rules under the guidance of Kaspersky’s top expert from the Global Research and Analysis Team (GReAT), Tatyana Shishkova, who has years of experience creating and implementing Suricata rules in real-life cases.
The course is designed to take you on a journey from the basics of Suricata rules for different network protocols to the most advanced features and techniques.
All levels
$890 inc. tax per learner
Prerequisites
All levels
$890 inc. tax per learner
Prerequisites
Lead Security Researcher, GReAT
Tatyana Shishkova is a Lead Security Researcher with more than seven years’ experience in network traffic analysis. Working at Kaspersky for more than a decade, she specializes in reverse engineering and network intrusion detection using Suricata.
Tatyana is a regular speaker at major cybersecurity conferences, including PHDays, SuriCon, SAS, and Botconf.
Cybersecurity consultancies
Train your consultancy team to create and fine-tune Suricata rules for maximum effectiveness so to provide more effective services to their clients.
Enterprises
Advance your SOC or cybersecurity team’s skills to implement effective network security policies moving towards detecting and preventing cyber attacks before they cause organisational damage.
InfoSec professionals
Advance your career as an incident responder, malware researcher, or security analyst. Get to know more about developing and deploying effective Suricata rules to prepare yourself for more advanced threats.
Guided video lectures
Learn Suricata rules with guided video lectures, providing in-depth explanations of each topic and exercise.
Virtual lab
Practice your new skills in a safe virtual environment. Designed especially for our Suricata course, your virtual environment is loaded with all the tools you need to help you learn and succeed.
Iterative learning
The course is designed with an iterative learning approach with consistent modules based on specialist overviews of each task, practical work in a Virtual Lab and detailed expert solutions.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
6 months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
It will take you approximately 18 hours to watch the videos
PDF downloads of training materials and tips
Browser-based via desktop, mobile and tablet (excludes virtual lab which requires an RDP client)
Member of Kaspersky Global Research and Analysis Team (GReAT)
30+ videos to guide you through the course
Safe virtual environment for hands-on learning
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
Our experts use and update their knowledge and skills daily – rest assured you’re getting the most relevant experience out there.
One hundred hours of practice in the virtual lab are included in your course – you can put your newly acquired knowledge to practice immediately!
The course covers a wide range of SOC expertise that will be equally challenging to both entry-level and mid-level SOC professionals.
Intermediate
$1,400 inc. tax per learner
Prerequisites
Intermediate
$1,400 inc. tax per learner
Prerequisites
Kaspersky SOC Analyst and Researcher
Dmitriy is a Kaspersky SOC analyst, working in operation and research areas. He joined the company in 2019 and now performs real-time investigations of detected threats and the analysis of fresh APT threats that were observed around the globe. Dmitriy is responsible for the optimization of SOC operations, he helps to automate the SOC routines through the development of Jupyter notebooks, as well as robots for repeatable actions. He contributes to Kaspersky SOC’s Threat Hunting activities, like the creation of TH hypothesis, hunting for malicious indicators and converting successful cases into new threat detection rules.
Head of Kaspersky SOC
Sergey started his career over 20 years ago as a software developer, writing in C and Perl. After working as a sysadmin of security systems, he became a member of a SOC team and was engaged in threat detection and incident investigation. Currently, Sergey is the head of Kaspersky SOC, responsible for internal SOC activities at the company as well as external managed detection and response and Compromise assessment services. Sergey is a certified information systems security professional (CISSP, OSCP) and auditor (CISA).
Head of Kaspersky SOC Consulting
Roman has 13-years experience in Information Security mainly focused on SOC areas. He started his career as a security engineer and advanced to manage a team specializing in building SOC platforms for big national organizations. Working internationally on various challenges, like designing threat detection frameworks, Roman became a certified ArcSight instructor. Back in Russia, he developed a cyber security platform handling 2 million security events per second at the country’s biggest bank.
Now at Kaspersky SOC Consulting, he focuses on a complex approach that includes all areas of SOC/MSS/CERT design and architecture, establishing operations and development planning. Roman is an acknowledged professional holding certificates like CISSP, CISM, CISA, GNFA, GCIH.
SOC People
SOC Services
SOC Technologies
SOC development and maturity levels
Lab: WMI consumer hunting
Lab: Linux service hunting
Lab: Domain name hunting
Windows Credentials and authentication
Lab: Password credentials in SAM and NTDS
Lab: Password credentials in memory
Lab: Security support providers
User Rights
Lab: Windows Privileges
Lab: Windows services exploitation
Lab: Pass the token and Impersonation
Kerberos
Lab: Kerberoasting
Lab: AS-REP roasting
Lab: Silver ticket
Lab: Golden ticket
Windows Security Auditing
Lab: Windows Security Audit
Linux general information
Linux security
Mandatory access control
Lab: Openssl. Attack Overview
Lab: Openssl. Investigation
Lab: Sudo privilege escalation. Attack Overview
Lab: Sudo privilege escalation. Investigation
SOC analysts and specialists
For cybersecurity specialists involved in security operations and threat hunting.
Enterprises
For teams and enterprises focusing on threat hunting.
Guided video lectures
Learn from more than 60+ videos by the top-notch Kaspersky SOC experts, sharing their practical experience and hacks.
Hands-on virtual lab and various environments within
Practice in our fully configured virtual lab - and experience various environments to hunt a wide range of threats.
Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
6 months to complete your course from activation of your access code
Delivered in English with subtitles
Self-guided learning that fits around your life (It will take you approximately 18 hours to watch the videos)
100 hours of virtual lab time for hands-on learning
PDF downloads of training materials & tips
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)
Course author Members of Kaspersky Security Operations Center
60+ videos to guide you through the course
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
You will be able to investigate end-to-end the incident involving notorious ransomware.
Master different tools including: ELK stack, PowerShell, Suricata, YARA and more in the fully configured virtual lab environment.
Learn from Kaspersky incident responders with more than 10 years of experience in the field.
Intermediate
$1,400 inc. tax per learner
Prerequisites
Intermediate
$1,400 inc. tax per learner
Prerequisites
“You will master incident detection, evidence acquisition, log file analysis, network analysis and creation of IoCs, and also get introduced to memory forensics.”
Digital Forensics and Incident Response Manager
Ayman joined Kaspersky in 2014 as a security researcher and member of GERT. Currently, Ayman works as DFIR manager in GERT. He started his cyber security career in 2009. During his career, he has participated in building digital forensics labs and providing response and analysis for cyber incidents in different industries. He developed training courses on DFIR and delivered these courses to different entities around the globe. Ayman has a BSc in communication engineering and an MSc in cyber security. Ayman obtained different DFIR certificates and in 2016 he published his book “Practical Windows Forensics”.
Senior Incident Response Specialist
Kai started his career in the information security domain in 2010 as a security consultant and joined GERT in 2016 as an incident response specialist. Throughout his career, he has been involved in building digital forensic labs and providing responses to different variants of cyber incidents around the world. Beside the development and delivering of DFIR training globally, he also designs, conducts and evaluates tabletop exercises. Kai holds several international certifications like GCFA, GCFE, ECIR, ECTHP, CCSK, CISM and ISO/IEC 27035) and also a Diploma in Business Informatics (FH) and a M.Sc. in Digital Forensics.
Foundation of information security. Cyber kill chain. Open-source intelligence.
Incident response process: from preparation to post-incident.
Live analysis on the victim machines with IRCD and PowerShell.
Triage approach. Triage acquisition with Kape, Paladin, FTK-imager and Velociraptor. Applied sessions with FTK imager and Velociraptor.
Memory forensics with the volatility framework.
Log file analysis using command line tools up to ELK.
Network IOCs: Dumping network traffic. Network intrusion detection with Suricata. Network analysis tools.
Scanning for Indicators of Compromise (IOC). Host-based IOC scanning with YARA.
InfoSec professionals
For cybersecurity professionals who would like to upgrade technical analysis skills in the incident response domain.
Enterprises
For incident response and digital forensics teams, who are continuously enhancing their practical skills in incident remediation.
Guided video lectures
Learn from Incident Response experts Ayman and Kai from the Global Emergency Response Team, GERT, who have years of experience working on real-live investigations.
Hands-on virtual lab
Practice in our fully configured virtual lab on real-life incident case.
Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.
The home for all of Kaspersky’s cyberthreat research and reports.
Discover and learn with Kaspersky’s brightest professional.
Scan files, domains, IP addresses & URLs for threats, malware and viruses.
KLara helps Threat Intelligence researchers hunt for new malware using Yara.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
6 months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
It will take you approximately 15 hours to finish the course
PDF downloads of training materials & tips
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)
Members of Kaspersky Global Emergency Response Team
Over 40 videos to guide you through the course
100 hours of virtual lab time for hands-on learning
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
“This course taught me how to write YARA rules efficiently and how to make them work faster. Throughout the training I’ve learnt lots of tips and tricks about the creation of YARA rules.”
Course Learner
Use our virtual lab to complete 20+ practical exercises, all based on Kaspersky’s exclusive APT research.
Take your cybersecurity skills to the next level by learning how to identify threats quicker and with less effort.
All levels
$1,400 inc. tax per learner
Prerequisites
All levels
$1,400 inc. tax per learner
Prerequisites
“Only our course teaches you how to write solid and fast Yara rules while developing a threat hunting mentality that will be respected & valued.”
Director of GReAT
Costin is Director of Kaspersky’s industry leading Global Research and Analysis Team (GReAT), the team that researched the inner workings of Stuxnet, Duqu, Flame, Carbanak, Turla, Lazarus, the Equation Group and many more.
Costin has over 25 years’ experience in cybersecurity and specialises in analysing Advanced Persistent Threats and high-level malware attacks.
He is a member of the Virus Bulletin Technical Advisory Board and the Computer AntiVirus Researchers’ Organization (CARO) as well as a reporter for the Wildlist Organization International.
Meet Director of GReAT and ninja master Costin Raiu, your tutor for the course, and get an introduction to Yara syntax along with design tips.
Interesting strings and PE structure fields. To hunt down suspicious malware, look for the clues.
A good Yara rule should be able to hunt out the existence of threats while protecting normal files.
What happens when threats become more sophisticated? Luckily, Yara has some modules that can be used to your advantage.
VirusTotal Intelligence (VTI) works natively with Yara. Master these two pieces of software and you might find something that was previously undetected.
Learn about wildcards through exercises featuring the Equation group and Sofacy, some of the most sophisticated cyber espionage groups to have ever existed.
Gets hands-on in the virtual lab with exercises based on WildNeutron, Eye-Pyramid and other famous cases.
Find out how you can dump OLE files to identify features that can be then be used for Yara detection.
Search for suspicious techniques and write effective Yara rules based on the Freaky Shelly case, Lazarus / Bluenoroff and other advanced cases.
Complete your training by finding out how you can use automatic Yara generators, how you can set up a Yara environment within your own organization and how you can hunt threats when you even don’t know what you are looking for.
InfoSec professionals
IT Security professionals will learn how to advance their career as a threat hunter and hunt threats more efficiently.
Enterprises
Train your teams to find new malware samples, exploits and zero-days and speed up incident response. Improve your organizations’ defenses with custom rule
Video lectures featuring Costin Raiu
Learn from a 25 year Threat Hunting ninja and Director of Kaspersky’s industry leading Global Research and Analysis Team.
Active learning
Engaging learning tools & quizzes to support effective knowledge transfer.
Hands-on virtual lab
Work with real cases like BlueTraveller and DiplomaticDuck in our virtual lab.
In today’s ever-changing threat landscape, it is essential for companies to ensure that their IT security specialists maintain up-to-date skills. xTraining offers companies the opportunity to enhance their security measures by providing highly practical, hands-on courses that focus on effective threat detection and mitigation strategies.
The home for all of Kaspersky’s cyberthreat research and reports.
Discover and learn with Kaspersky’s brightest professional.
Scan files, domains, IP addresses & URLs for threats, malware and viruses.
KLara helps Threat Intelligence researchers hunt for new malware using Yara.
6 months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
It will take you approximately 15 hours to finish the course
PDF downloads of training materials & tips
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)
Costin Raiu, Director of GReAT, Kaspersky
Over 50 videos to guide you through the course
100 hours of virtual lab time for hands-on learning
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
Participants ‘learn by doing’ using the hands-on virtual lab to practice on malware samples used in the wild by powerful APT actors.
Strengthen your skills with advanced static analysis techniques, get to know decrypting frameworks to automate your tasks to make your reversing skills unique!
Igor Kuznetsov is a Chief Security Researcher at Kaspersky. He participated in Kaspersky research on the most notorious APT campaigns and he’s packed the course full of his expertise and exclusive techniques.
Advanced
$2,700 inc. tax per learner
Prerequisites
Advanced
$2,700 inc. tax per learner
Prerequisites
Chief Security Researcher
Igor is the Chief Security Researcher in the Global Research & Analysis Team (GReAT) at Kaspersky. He has more than 20 years of reverse engineering experience.
Igor specializes in investigating malware campaigns and reverse engineering advanced malware. His areas of expertise include cyber-espionage and highly-targeted attacks, advanced threat actors and APTs; cyber-warfare, cyber-weapons such as Stuxnet, Duqu, Flame, Gauss; ATM security. Igor regularly provides training sessions on advanced malware analysis.
Introduction into IDA work flow and shellcode analysis. Main features of IDA required to reverse engineer: code, functions, structures, structure offsets. Reconstructing the metasploit’s API hashing algorithm.
Practicing shellcode analysis: extracting the C&C from the Metasploit shell, code and data flow analysis, manual reconstruction of a structure, stack layout.
Unpacking a real-life sample found at a bank and analyzing the shellcode. Proceeding through all the layers of an msvfenom-wrapped Metasploit shellcode to extract the network IOC.
Introduction into static decryption, decrypting files using a static analysis framework. Practice on the Bangladesh CB heist case (Lazarus).
Introduction into decryption of malicious Windows PE files (a Regin driver). Dealing with malicious samples with blocks of encrypted data and RVA/RAW offsets.
Static analysis of a Sofacy OSX sample. Dealing with separate strings decrypted with a dedicated function. Reconstructing the decryption routine.
Full-scale reverse engineering of a single PE file (a driver from Equation). Using knowledge from tracks 1-6 to preprocess all encrypted data and then walk through all the code, reconstructing the business logic of the driver in IDA.
DIY disassembly and API hashing. Creating your own tiny disassembler to extract the API hashes from hand-written assembly code and then reconstructing an API hashing algorithm to revert all the hashes to API names. Using IDC files to transfer results to IDA.
Introduction to document-based exploit payloads: analysis of a malicious RTF example (RedOctober dropper) where you need to locate the exploit code, unpack several layers till you get to the final payload. Generic approach to dealing with weaponized RTF documents and embedded shellcode.
Exploit analysis of a malicious Word document (Office Equation exploit). Generic approach to analyzing OLE2 objects.
Practice: analysis of a weaponized OLE2 file embedded in an RTF container (CloudAtlas). Extracting several layers till the final payload.
Static analysis of a ROP chain from a PDF document (with Miniduke from). Generic mechanics of a ROP chain, reconstructing the business logic from code snippets.
Introduction to bytecode-compiled Python samples. Practice using a decompiler to extract the source code.
Generic approach to dynamic decryption/unpacking. Extracting the payloads from Cridex samples using the debugger.
Decompiling and analyzing .NET bytecode. Dynamic extraction of the payload.
Introduction to the Golang binaries. Static analysis, built-in structures, strings. Extracting and decrypting string constants.
InfoSec professionals
The course is intended for established reverse engineers, incident responders and digital forensics practitioners seeking to level up their work with cybersecurity incidents.
Enterprises
After completing this training your cybersecurity or SOC team will be able to implement full dynamic and static analysis of malware efficiently, automate routine tasks and find detailed actionable items for protection of your organization & incident response.
Cybersecurity consultancies
Specialist consultancies who need to train their team on relevant practical skills will also benefit from this course: their personnel will level up and will be able to create more effective cybersecurity products and malware analysis services for clients.
Guided video lectures
Learn from Igor Kuznetsov, Chief Security Researcher and member of Kaspersky’s revered Global Research and Analysis Team.
Hands-on virtual lab
Practice in our fully configured virtual lab on real targeted malware cases like Lazarus, Sofacy, Regin, Equation, RedOctober, Miniduke and Carbanak.
Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
6 months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
100 hours of virtual lab time for hands-on learning
Static analysis framework, scripts from exercises and training materials are available for download
Browser-based via desktop, mobile & tablet
Igor Kuznetsov, Chief Security Researcher at Kaspersky GReAT
About 60 videos to guide you through the course
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
You’ll get 100 hours of access to the restricted virtual environment to securely practice reversing the samples and playing with them for your skill development.
We demonstrate static and dynamic reversing of infamous malware samples like MagicKarakurt and LightSpy for Android and iOS, and the DuKong framework. You’ll get a detailed view with comments from our expert of the samples you’re unlikely to find in any other course
Watch as Victor shows you his skills and tricks in dynamic instrumentation, native API hooking, return value dumping, unpacking, function resolving using Ghidra plugins and more!
Intermediate
$890 inc. tax per learner
Prerequisites
Intermediate
$890 inc. tax per learner
Prerequisites
Security Researcher
Victor Chebyshev is a security researcher specializing in mobile targeted attacks, research and static reverse engineering.
Victor regularly provides customer training on these subjects and has presented his malware research at various cybersecurity conferences, like the SAS, the RSA Conference etc.
Course Introduction. Introduction to the Virtual Lab
Mobile Malware essentials Android. Mobile Malware essentials IOS.
Introduction To DuKong. Solution: Introduction To DuKong. Stager Functionality. DuKong: Payload Decryption. Solution: Decryption. DuKong Payload Analysis. DuKong: Wrap-up
LightSpy: The Story. Solution: Surface Analysis. LightSpy Unpacking. LightSpy: Wrap-up
MagicKarakurt: The Story. Surface Analysis. Solution: Surface Analysis. Dive Into Native. Dynamic Config Dumping. MagicKarakurt: Wrap-up.
LightSpy iOS: The Story. Solution: Surface Analysis. Code Analysis. LightSpy iOS: Wrap-up. Course Summary.
Corporate IT security managers
Mobile malware poses a significant threat to enterprise IT networks – in the course we show practical techniques to deal with them. The course is a great tool to upgrade your security team’s ability to counter various cyber threats.
Reverse engineers and SOC professionals
Mobile malware has its own unique features which attackers use in their activities. The knowledge gained on this course will take your professionalism to the next level.
Guided video lectures
Learn from well-explained videos by a top expert on mobile malware, who shares his practical experience and hacks.
Hands-on virtual lab
Practice in our fully configured virtual lab to tinker with the malware samples and get the best of them.
Structured flow
The course is built around progressive learning with a consistent module framework. Each module is based on a specialist overview of each task, practical work in the virtual lab and detailed solution walk-throughs.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
6 months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
It will take you approximately 3.5 hours to watch the videos
PDF downloads of training materials & tips
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)
Leading security researcher of mobile malware
20+ videos to guide you through the course
100 hours of virtual lab time for hands-on learning
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
Participants ‘learn by doing’, using the hands-on virtual lab to work on fresh targeted malware samples used in the wild by powerful APT actors.
Get to know the advanced features of tools like IDA Pro and develop up to date knowledge through recent APT cases.
Kaspersky experts have poured more than 10 years of reverse engineering experience and their exclusive research into the course.
Intermediate
$1,400 inc. tax per learner
Prerequisites
Intermediate
$1,400 inc. tax per learner
Prerequisites
“The online format of Kaspersky’s training helps more engineers upgrade their reversing skills and become confident users of our software disassembly product, IDA Pro.”
Senior Security Researcher
Denis Legezo is a GCFA certified Senior Security Researcher. He specializes in targeted attacks research, static reverse engineering.
Denis regularly provides training on these subjects and has presented his targeted malware research at SAS, RSA Conference, VirusBulletin, HITB.
Senior Security Researcher
Ivan Kwiatkowski is an OSCP and OSCE-certified penetration tester and malware analyst who has been working as a Senior Security Researcher in the Global Research & Analysis Team at Kaspersky since 2018.
He maintains an open-source dissection tool for Windows executables and his research has been presented during several cybersecurity conferences. He operates an exit node of the Tor network and also delivers Kaspersky’s reverse-engineering training in Europe.
Meet your trainers and get to know the course in more depth. Then go in to the Chafer APT to learn more about encryption algorithms (Windows CryptoAPI) and how enumerators and debug data help to understand the code.
Combination of static and dynamic analysis: how to use disassembler and debugger in parallel & how to dump decrypted data from memory.
Exploited documents analysis. The tricks in position independent code. Get to know the exploit stages: egg-hunting, decryption, dynamic functions’ address resolution.
Meet interpreted code and understand how it differs from compiled code. Static and dynamic script deobfuscation.
Using IDA Pro’s scripting abilities to automate string decryption.
How LNK-based infection chains work and how to deobfuscate PowerShell scripts.
Reversing steganography algorithms, importing the custom structure descriptions, exporting embedded encryption keys and scratching the surface of C++.
Reverse-engineering x64 malware and reconstructing a custom network protocol from a malware sample.
Reverse-engineering Linux programs including backdoors and rootkits.
Reverse-engineering Linux programs including backdoors and rootkits.
InfoSec professionals
The course is intended for security researchers and incident response personnel or students, malware analysts, security engineers, network security analysts, APT hunters and IT security staff working in SOCs who are seeking to expand their skills in reverse-engineering.
Enterprises
Whether you’re looking to up-skill your current cybersecurity or SOC team or create a new in-house unit, this course will considerably improve your organisation’s defences against targeted malware.
Cybersecurity consultancies
Specialist consultancies who need to train their team on relevant practical skills to be able to offer malware analysis services to their clients will also benefit from this course.
Video lectures featuring Kaspersky researchers
Learn from Ivan Kwiatkowski and Denis Legezo, Senior Security Researchers and members of Kaspersky’s revered Global Research and Analysis Team.
Hands-on virtual lab
Learn how to use tools like IDA Pro through real targeted malware cases like Lazarus, LuckyMouse and MontysThree in our fully configured virtual lab.
Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
6 months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
100 hours of virtual lab time for hands-on learning
PDF downloads of training materials & tips
Browser-based via desktop, mobile & tablet
Ivan Kwiatkowski and Denis Legezo, Senior Security Researchers at Kaspersky GReAT
Over 50 videos to guide you through the course
>PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
Our highly practical course gives a complex overview of how to protect your company against ICT supply chain risks. From threat modeling to secure code review, we will show you how to prioritize and understand the cybersecurity risks your organization faces each day.
As a global cybersecurity provider for 20+ years, we’ve gathered incomparable experience building cyber-resilient ICT infrastructure, and we’ll share this experience with trainees. You will also learn all the viable know-hows based on the work of Kaspersky Transparency Centers.
Improve your cybersecurity expertise with the ultra-practical exercises and concrete real-life cases. No wordy theory, no lengthy lectures – just precise and extremely tangible drills that efficiently convert time spent into skills acquired.
All levels
$1,400 inc. tax per learner
Prerequisites
All levels
$1,400 inc. tax per learner
Prerequisites
Cybersecurity Expert
Senior Public Affairs Manager
Senior Information Security Architect
Security Researcher, ICS CERT Vulnerability Research
Introduction to applications and system security; building reliable and resilient ICT infrastructure:
Introduction to the process of identifying and mitigating potential threats, such as structural vulnerabilities or the absence of appropriate safeguards. The purpose of threat modelling is to provide a systematic analysis of what controls or defenses need to be included, given the nature of the system, the probable attacker’s profile, the most likely attack vectors, and the assets most desired by an attacker.
The sections includes:
Introduction to basic techniques for identifying vulnerabilities in software code. The purpose of the code review is to ensure that a product has no potential vulnerabilities or backdoors. We will also share best practices of Kaspersky’s Transparency Centers and how processes are organized for external reviews of our source code and software development.
The sections includes:
This gives an introduction to the process of defining, developing and testing Windows-based applications through fuzzing to identify bugs and vulnerabilities. Though the training focuses on native Windows-based applications, most of the concepts – as well as the methodology and tools – can be applied to other platforms.
After completing this course, trainees will be able to:
Introduction to and definition of approaches for building the process of managing vulnerabilities within an organization’s ICT infrastructure.
This section includes:
Government organizations, including government CERTs
Government organizations, no matter their size and capacities, should build trusted and cyber-resilient ICT infrastructures to mitigate cybersecurity risks that may impact the public security, economic and social well-being of their citizens.
Academia and research institutions
These organizations often handle a lot of personal or even sensitive data but are very often under-resourced to afford dedicated cybersecurity specialists. Kaspersky’s Cyber Capacity Building Program is a cost-effective solution to address this problem.
Other companies
This training is useful to private organizations, including small and medium companies, and particularly to information security professionals, managers and executives. Understanding the basics of software verification will improve their supply risk management processes and secure their systems.
Guided video lectures
Hands-on knowledge from Kaspersky experts and key practitioners.
Iterative learning
Practical exercises and detailed solution walkthroughs.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
6 months to complete your course from activation of your access code
Delivered in English with subtitles
Self-guided learning that fits around your life
Browser-based via desktop, mobile & tablet
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
Learn navigation inside the assembly code, the difference between values and pointers, concepts of stack and heap, custom data types and shifted pointers! Get introduced to Golang and Rust reverse engineering – and finally, reverse ‘real’ malware to solidify your knowledge and skills!
Get introduced to reverse engineering by Kaspersky’s top experts from the Global Research & Analysis Team (GReAT), a group of the chosen few providing company leadership in anti-malware research.
All levels
$890 inc. tax per learner
All levels
$890 inc. tax per learner
Lead Security Researcher
Denis Legezo is a GCFA certified cybersecurity professional who specializes in targeted attacks research, static reverse engineering.
Denis regularly provides training on these subjects and has presented his targeted malware research at SAS, RSA Conference, VirusBulletin, HITB.
Senior Security Researcher, GReAT
Ivan Kwiatkowski is an OSCP and OSCE-certified penetration tester and malware analyst who has been working as a Senior Security Researcher in the Global Research & Analysis Team at Kaspersky since 2018.
He maintains an open-source dissection tool for Windows executables and his research has been presented during a number of global cybersecurity conferences. He operates an exit node of the Tor network and also delivers Kaspersky’s reverse-engineering training in Europe.
Enterprises
If you are looking to beef up your SOC or cybersecurity team with a reverse engineer or malware analyst, this course will allow your IT staff to make a first step into reverse engineering malware.
Cybersecurity consultancies
The course benefits specialist consultancies who need to train their team in relevant practical skills to be able to offer malware analysis services to their clients.
Would-be InfoSec professionals
The course is designed to upskill individual learners looking to embark on a career in cybersec. While learning, you will develop reverse engineering potential and prepare yourself for more advanced steps.
Guided video lectures
Practice in our dedicated GitHub repository, designed specially for the course.
Code snippets on GitHub
Practice in our dedicated GitHub repository, designed specially for the course.
Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in GitHub and detailed solutions.
With a constantly evolving threat landscape it’s vital IT security specialists keep their skills up to date. With our online training, you can learn effective threat detection and mitigation strategies from the comfort if you’re home with highly practical hands-on courses.
Six months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
Browser-based access to virtual lab
PDF downloads of training materials and tips
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)
Members of Kaspersky Global Research and Analysis Team (GReAT)
50+ videos to guide you through the course
Dedicated GitHub repository for hands-on learning
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
