UK: SANS has announced the addition of a new capture the flag malware analysis tournament at SANS Forensics Prague 2013 in October. The capture the flag challenges have been added as the sixth and final day of the newly-expanded FOR610: Reverse Engineering Malware course. The tournament gives participants the opportunity to test and solidify the skills they learned earlier in the course in a fun, game-like format.
"These new hands-on exercises are very challenging, as they were built on 100 percent live malware which is representative of what participants will have to reverse-engineer when they return to their jobs," said Jake Williams, malware analysis expert and author of day six. "After completing the challenges on day six, participants will be better prepared to function as malware reverse engineers in an operational setting."
Lenny Zeltser, security expert and malware course author added: "The most recent expansion of the course is consistent with the increasing demands being placed on malware analysts. It has gradually expanded through the years from a one day course, to two days, then to four days, then five, and now six, because the set of fundamental skills that analysts need to have in this field have been growing. As the demand for these skills increases and more people enter the field, employees are looking for ways to ensure that the people they hire have practical, hands-on skills. The expansion of FOR610 to six days provides students even more opportunity to practice with real-world malware, giving them a strong foundation for entering the field or expanding their expertise."
The FOR610 course has been well-received by students. "The exercises and examples are very good and useful to get a better understanding of code analysis. Definitely one of the best courses I've attended on this topic," said Thor Olsen, Norwegian Police Security Services and a prior participant of the course.
The SANS Forensics Reverse Engineering Malware course is also associated with the GIAC GREM certification. It's designed for technologists who protect their organization from malicious code. These individuals know how to examine inner-workings of malware in the context of forensic investigations, incident response and Windows system administration.
SANS Forensics Prague 2013 is a weeklong event which begins on the 6th of October with the 4th annual Digital Forensics and Incident Response Summit which focuses on the most pressing security and technology issues facing the global forensics and incident response community.