FireEye Malware Analysis (AX Series) provides a secure environment to test, replay, characterize, and document advanced malicious activities. AX shows the cyber attack lifecycle, from the initial exploit and malware execution path to callback destinations and follow-on binary download attempts.
This half-day course is a primer on AX, covering deployment options, basic administration, and core functionality. Hands-on activities include appliance administration and submitting malware samples to AX for deep forensic analysis.
This course is the recommended starting point for anyone who uses an AX.
Upon completion of the course the learner should be able to:
- Deploy, install, and configure AX
- Administer an AX appliances
- Submit malware samples to AX for deep inspection
- Review analysis results for submitted malware
- FireEye Core Technology
- Malware infection cycle
- MVX engine
- Appliance analysis phases
- Appliance Administration
- Appliance updates
- Role-based access and user accounts
- Malware event notifications
- System notifications
- Forensic Analysis
- Primary functions of AX
- AX deployment
- Initial AX configuration
- FireEye AX Web UI and dashboard
- Setting up file shares and scheduling batch analysis
- Submitting malware samples and specifying analysis parameters
- Reviewing analysis results for submitted malware
Lessons are typically a blend of lecture and hands-on lab activities.
A working understanding of networking and network security, the Windows operating system, file system, registry, and use of the CLI.
Network security professionals and incident responders; FireEye Admin and Analyst users.