Ultimate Hacking: Malware Forensics & Incident Response

Foundstone Dec 3-4


Ends October 15


Ends December 2


Ends December 6


McAfee's Malware Forensics & Incident Response Education (MFIRE) workshop is a proactive weapon to help you normalize your environment after a negative event has occurred. Hackers and cybercriminals have increasingly sophisticated tools and backdoor programs at their disposal to steal your intellectual property and expose sensitive information – all with the ability to cover their tracks by using malware. IT professionals charged with protecting the environment can be overwhelmed, causing attacks to be ignored or mistakenly diagnosed as a system or network problem. During this workshop we provide you with the techniques to identify, respond to, and recover from malware incidents. Malcontent and security holes exist in alarming numbers, and as a result the possible compromises on your network and applications are an unfortunate fact of corporate life. A total network-security plan includes the capability to resolve incidents after they occur. This comprehensive, technically detailed course enables you to successfully respond to malware incidents and reinforces your security posture.

Who Should Take This Class

System and network administrators, corporate security personnel, auditors, law enforcement officers, and consultants responsible for investigating malware outbreaks or conducting network investigations.

A basic understanding of the Windows OS and TCP/IP networking is required for the course to be fully beneficial.

What You'll Learn

This workshop gives you a study of the incident response process as it relates to malware. The course starts from tracing the Internet to analyze malware, and Foundstone updates this class continuously by integrating the latest security threats and countermeasures.

In this hands-on classroom, you will learn how to respond to malware incidents. While in the security lab, you will learn to apply this knowledge. With McAfee's expert instruction, you will learn step-by-step incident response procedures and forensic techniques used for malware infections and outbreaks. These methods are tailored to your organization's security architecture, so you can apply them in the real world long after class is completed.


All topics are supported by hands-on exercises specifically designed to increase knowledge retention. Classroom exercises provide the extensive hands-on experience needed to effectively identify, contain, and respond to complicated and potentially damaging intrusions.

Course Materials

Module 1 - Introduction

Module 2 - IR Process

Module 3 - Research of Domains, URLs & IP Addresses

Module 4 - Malware Analysis

Module 5 - Memory Forensics

Module 6 - Network Forensics

Module 7 - Mobile Malware

Module 8 - The Grand Final