X

Enroll your team

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Request Access

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Pre-register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

Coming soon our new Windows Digital Forensics course, find out more here.

Hunt APTs with Yara like a GReAT ninja

Built for Tier 3 Threat Hunters

All levels

$1,400 inc. tax per learner

All levels

$1,400 inc. tax per learner

“Only our course teaches you how to write solid and fast Yara rules while developing a threat hunting mentality that will be respected & valued.”

Enroll my team
Request demo access

Background

Have you ever wondered how Kaspersky’s GReAT experts discovered some of the world’s most famous APT attacks? Now, the answer is within your reach.
Our specialists have poured years of experience from the prominent cases they have worked on into our online Threat Hunting with Yara training. Course leader Costin Raiu, a 25 year veteran of the threat hunting industry, will teach you the unconventional ways of working with Yara so that you can find threats of the same magnitude as his team.

Specifically designed for self-paced learning, our course is deeply practical and enables you to learn-by-doing, hunting for real threats in our dedicated Virtual Lab. Using world-renowned cases like BlueTraveller, Sofacy & WildNeutron as the basis of the course, Costin shares insights and techniques from his team’s exclusive research on these cases. This knowledge will enhance your career and improve your organisation’s threat defences.

Course leader

Costin Raiu

Security Researcher

Costin is one of the founders of Kaspersky’s industry leading Global Research and Analysis Team (GReAT), the team that researched the inner workings of Stuxnet, Duqu, Flame, Carbanak, Turla, Lazarus, the Equation Group and many more.

Costin has over 25 years’ experience in cybersecurity and specializes in analyzing Advanced Persistent Threats and high-level malware attacks.

He is a member of the Virus Bulletin Technical Advisory Board and the Computer AntiVirus Researchers’ Organization (CARO) as well as a reporter for the Wildlist Organization International.

Overview & objectives

  • Write cleaner, more efficient, Yara rules
  • Tips & tricks to create fast, efficient rules
  • Yara generators to save time and effort
  • Test Yara rules for false positives
  • Hunt new undetected samples in your infrastructure
  • Use external Yara modules for efficient hunting
  • Discover secrets of anomaly search
  • Test your new skills on real life cases

Syllabus

Who it's for

InfoSec professionals

IT Security professionals will learn how to advance their career as a threat hunter and hunt threats more efficiently.

Enterprises

Train your teams to find new malware samples, exploits and zero-days and speed up incident response. Improve your organizations’ defenses with custom rule

How you'll learn

Video lectures featuring Costin Raiu

Learn from a 25 year Threat Hunting ninja and Director of Kaspersky’s industry leading Global Research and Analysis Team.

Active learning

Engaging learning tools & quizzes to support effective knowledge transfer.

Hands-on virtual lab

Work with real cases like BlueTraveller and DiplomaticDuck in our virtual lab.

Be the first to find out...

Each and every month we share our latest news, tips, tricks and advice on all things cybersecurity related.
Be the first to find out when we run competitions, promotions, launch new courses, release free webinars and much more!

Sign up
Securelist

Securelist

The home for all of Kaspersky’s cyberthreat research and reports.

BrightTALK’s Kaspersky channel

BrightTALK’s Kaspersky channel

Discover and learn with Kaspersky’s brightest professional.

Kaspersky Threat Intelligence Portal

Kaspersky Threat Intelligence Portal

Scan files, domains, IP addresses & URLs for threats, malware and viruses.

KLARA on GitHub

KLARA on GitHub

KLara helps Threat Intelligence researchers hunt for new malware using Yara.

Access

6 months to complete your course from activation of your access code

Language

Courses delivered in English with subtitles

Pace

Self-guided learning that fits around your life

Browser-based access to virtual lab

It will take you approximately 15 hours to finish the course

Downloads

PDF downloads of training materials & tips

Learning environment

Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)

Course author

Costin Raiu, Director of GReAT, Kaspersky

Guided videos

Over 50 videos to guide you through the course

Access to virtual lab

100 hours of virtual lab time for hands-on learning

Certificate of completion

PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)