Practical Malware triage Workshop
RCCE students will learn malware analysis triage methodologies including static analysis basics, dynamic analysis in sandboxed environments, behavioral analysis, indicator extraction, and malware classification. RCCE students will learn to perform initial malware triage to determine threat severity, extract file hashes, strings, imports, and other static indicators, execute malware in controlled sandbox environments to observe behavior, identify command and control communications, persistence mechanisms, and payload delivery techniques, classify malware by family and variant, and produce malware analysis reports that inform incident response and detection engineering efforts. This practice-intensive course emphasizes applied skills through lab exercises, real-world scenarios, and production-realistic workflows. At an expert level, RCCE students will learn by doing, building muscle memory and practical confidence through repeated hands-on engagement. Students complete exercises that mirror actual workplace tasks, ensuring skills transfer directly to their professional roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Practical Malware triage Workshop
- Execute hands-on tasks for practical malware
- Execute hands-on tasks for triage workshop
- Explain Course Overview fundamentals
- Execute hands-on tasks for focus area
- Design a scalable privilege management architecture with policy and enforcement, including Skill Level.
- Execute hands-on tasks for malware triage methodology
- Execute hands-on tasks for analysis → dynamic
- Execute hands-on tasks for analysis → behavioral
- Execute hands-on tasks for analysis → report
- Execute hands-on tasks for triage goal
- Execute hands-on tasks for time budget — covering Determine threat severity.
- Execute hands-on tasks for malware classification taxonomy
| Module 01 | Practical Malware |
| Module 02 | Triage Workshop |
| Module 03 | Course Overview |
| Module 04 | Focus Area |
| Module 05 | Learning Model |
| Module 06 | Malware Triage Methodology |
| Module 07 | Analysis → Dynamic |
| Module 08 | Analysis → Behavioral |
| Module 09 | Analysis → Report |
| Module 10 | Triage Goal |
| Module 11 | Time Budget |
| Module 12 | Malware Classification Taxonomy |
| Module 13 | Static Analysis Fundamentals |
| Module 14 | Key Static Analysis Tools |
All hands-on labs run on Rocheston Rose X OS. Students practice practical malware triage workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for practical malware
- Lab 2: Execute hands-on tasks for triage workshop
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Execute hands-on tasks for focus area
- Lab 5: Design a scalable privilege management architecture with policy and enforcement
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Practical Malware triage Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI