SOC Summit Talk: Detecting Malware with YARA Rules
With Troy Wojewoda
March 25 @ 1:00 pm – 1:25 pm EDT

Ever wondered how threat hunters automate pattern detection across massive datasets?
Join Troy Wojewoda (Black Hills Infosec Incident Responder/Threat Hunter/Intelligence/SOC Principal Analyst) for a 25-min technical presentation on the practical use of YARA for incident response and threat hunting.
You’ll learn about YARA rules, strings, conditions, and how they help detect patterns in files and processes.
Using real-world examples, Troy will show how YARA boosts detection, from identifying malware families to scanning memory dumps, and will give you the hands-on skills to start writing and deploying your own YARA rules right away.
Chat with your fellow SOC Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon
This talk is part of the Antisyphon Training SOC Summit, a free, 6-hour, live virtual event designed to give you an honest, practical look at what it’s really like to work in a SOC.
For those who want to go further, multiple hands-on, high-quality, and affordable training courses are available March 26-April 10 to help you deepen your skills and become more effective at protecting what matters most.
Troy Wojewoda will be teaching his Network Forensics & Incident Response class March 30-31.
See the entire Antisyphon Training Course Catalog for affordable cybersecurity training!
About the Instructor
Troy Wojewoda
Bio
Troy Wojewoda is a Security Analyst at Black Hills Information Security (BHIS). Prior to joining BHIS, Troy held roles in application and system administration, host and network intrusion detection, wireless security, penetration testing, digital forensics, malware analysis, threat hunting, and incident response. In addition to earning several professional certifications, Troy has a BS in Computer Engineering and Computer Science.