Related posts

RangeForce Intros Hands-on YARA Training Modules

by Will Munroe

Security pros can take the YARA Challenge to build skills on a powerful malware classification and threat hunting tool

MANASSAS, Va., April 22, 2020 — In the battle against targeted malware and other threats, RangeForce is helping security professionals fight back with a new set of YARA training modules that takes the learner from the basics to advanced rule creation — a highly valuable skill set as enterprises face growing threats. The new YARA modules are part of RangeForce’s Cyberskills Training Platform, a cloud-based on-demand SaaS environment that features a built-in cyber range and hands-on lessons in detecting and responding to the latest cyber threats and system vulnerabilities. RangeForce additionally announced a YARA Training Modules Challenge for incident responders, malware and threat analysts interested in trying the new modules free and earning a YARA micro-certification.

Take the RangeForce YARA Training Modules Challenge here

An open-source project written in C and free via Github, YARA is a powerful and flexible pattern matching tool that runs from a command line on Linux and Windows. It can be used to find a specific file hash on a web server or to broadly detect a certain file type across multiple systems. YARA has been adopted by multiple security vendors, making it useful with a wide variety of SIEM, Sandbox, IDS, and anti-phishing tools.

RangeForce’s new YARA training modules, available with free access via the YARA challenge include:

  • YARA Introduction: Learn how to install and configure YARA on a Linux server. Cover the basic structures of a YARA rule, and learn about the YARA resources available. Create your first rule to analyze a suspicious file.
  • YARA Rule Generation: Use yarGen to generate a YARA rule, understand how metadata and string scoring can be built into those rules, and learn some tricks to optimize the YARA rules you’ve created.
  • YARA Rule Management: This module introduces YARA-related repositories. Useful in both discover tools and rulesets, this makes malware analysis and classification much easier. 
  • Advanced YARA Rule Writing: Dig deeper into custom rules based on strings and byte sequences. Using different malicious file samples, this module teaches you how to build complex YARA rules based on the attributes of those samples. 

According to RangeForce President Gordon Lawson, “Working remotely means hundreds, if not thousands, of new edge computing devices, could be susceptible to attack. With the pandemic ongoing and likely to amplify threats, security teams need to be experts at tools like YARA that can give them an advantage over adversaries. With these training modules anyone, even an expert, can learn how to leverage YARA better and achieve new levels of proficiency in threat detection and response.”

Learn more about training remotely with RangeForce, and take our free YARA challenge

About RangeForce

RangeForce delivers the industry’s only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hands-on advanced cybersecurity training. Cyber and IT professionals from all industry verticals use RangeForce to qualify their new-hires, train up DevOps, IT, and Security Staff, and run CyberSiege simulations to evaluate team skills. Only RangeForce can accurately show users where expertise gaps exist, fill those gaps with highly-effective simulation-based training, and accurately report on the entire process. To learn more about RangeForce, visit www.rangeforce.com.