Blue Coat Malware Analysis Appliance

Currently, there are no sessions available, but please call us at (866)646-9211 or email us at [email protected] to schedule your custom training session.

Course Description

The Blue Coat Malware Analysis Appliance (BCMAA) course is intended for IT professionals who wish to master the fundamentals of the Blue Coat Malware Analysis Appliance. After completing this course, you will be able to:

  • Identify the primary architectural components and configuration requirements of the system
  • Identify typical enterprise use cases for integrating Malware Analysis with other solutions and using it as a research tool
  • Describe how event information is captured and how it is used to produce result scores and analytical data
  • Identify the main features of the analytical process and life cycle of a task
  • Explore the task summary and the high-level components of task reports, including pattern-matching results, activity reports, event distribution charts, and artifacts
  • Identify the automated detection technologies and anti-evasion techniques employed by the system to detect advanced malware
  • Customize IntelliVMs based on best practices and identify customization strategies for specific environments and circumstances
  • Identify the remote API capabilities for custom integrations and other advanced use of the system

Duration / Format

2 days (16 hours) / available as instructor-led classroom training (ILT) or virtual classroom training (VCT)

Audience / Target Group

IT network or security professionals who wish to master the fundamentals of Blue Coat products with a focus on network security.

Prerequisites

Students should be familiar with networking essentials, such as LAN, Internet, security, and IP protocols.

Course Description and Content

The Blue Coat Malware Analysis Appliance (BCMAA) course covers the concepts and technologies that enable the core functionality of MAA and teaches best practices for using MAA to detect, analyze, and report on the static properties and the active behavior of unknown and/or suspicious code submitted to the system. This course covers:

  • Sandboxing Concepts
  • Role-based Access Control
  • Detection Technologies
  • Sample Processing
  • Detection Patterns and YARA
  • Remote API
  • Sub/Pub API
  • VM Firewall and Plugins
