
What certifications do I need to become a Malware Analyst?


16 replies to this topic

#1 DrShade

DrShade

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 10 July 2015 - 11:40 AM

I've previously posted here on how to get started as a malware analyst, and wanted to say thanks for getting me started. How much do certifications help my resume, and which one(s) should I get? Will experience ultimately be better than a cert? And finally, when should I get certified? I'm currently a sophomore studying information assurance; should I wait until I graduate to get certified?

 

Sorry for the abundance of questions, and thanks for helping.




 


#2 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:18 AM

Posted 10 July 2015 - 11:43 AM

You mean helping with logs? It takes a year or two to complete, I'm under training and it can be quite difficult. The more people you help, the more experience you gain :) I had 2 cases yesterday and everything was resolved ;)

 

My bad


Edited by Firehouse, 10 July 2015 - 11:56 AM.


#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:18 AM

Posted 10 July 2015 - 11:52 AM

Malware analysis isn't the same as malware removal training...

I'd like to see what others have to say about this as well.

#4 DrShade

DrShade
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 10 July 2015 - 11:52 AM

"You mean helping with logs? It takes a year or two to complete, I'm under training and it can be quite difficult. The more people you help, the more experience you gain :) I had 2 cases yesterday and everything was resolved ;)"

 

No, I meant certifications required to become a malware analyst and work for an antivirus company developing signatures. Are certifications required for that?


Edited by DrShade, 10 July 2015 - 11:53 AM.


#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 AM

Posted 10 July 2015 - 11:58 AM

It looks like this certification comes back a lot when you look up "malware analysis certification".

https://digital-forensics.sans.org/certification/grem

Also, I'm sure that every company has its set of standards a candidate must fulfill before they consider his application. Malwarebytes and Emsisoft Reps present on BleepingComputer might be the best suited to answer these questions.

Edited by Aura., 10 July 2015 - 11:58 AM.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 DrShade

DrShade
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 10 July 2015 - 12:01 PM

It looks like this certification comes back a lot when you look up "malware analysis certification".

https://digital-forensics.sans.org/certification/grem

Also, I'm sure that every company has its set of standards a candidate must fulfill before they consider his application. Malwarebytes and Emsisoft Reps present on BleepingComputer might be the best suited to answer these questions.

 

Cool, do you have any way that I can contact them about my question?



#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 AM

Posted 10 July 2015 - 12:05 PM

I'm sure that they'll see this thread, if not I know someone in this thread that can ask one of them to take a look at it. You just have to wait a bit :)



#8 DrShade

DrShade
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 10 July 2015 - 12:12 PM

Thank you for your help!



#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 AM

Posted 10 July 2015 - 12:14 PM

No problem, you're welcome :)



#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,985 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:18 AM

Posted 10 July 2015 - 12:30 PM


 

No, I meant certifications required to become a malware analyst and work for an antivirus company developing signatures. Are certifications required for that?

 

 

 

Each security company has their own set of requirements. I'd advise you to look on company websites of well-known security companies; most have a Jobs or Career section that will list possibilities and requirements. Based on that you should be able to get an idea of what is necessary.

 

I'd like to point out though that certification is only one part of the skillset required, experience being the other part. Someone who wants to become a medic sure needs to read a lot of books and do appropriate studies. However, nobody will ever consider hiring them as a practicing medic if they do not also gain practical experience on the way.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 AM

Posted 10 July 2015 - 12:33 PM

Each security company has their own set of requirements. I'd advise you to look on company websites of well-known security companies; most have a Jobs or Career section that will list possibilities and requirements.


Another place to look at would also be these companies' profiles on LinkedIn, Jobbom, etc. since they'll also post job opportunities there as well and the requirements will be listed.



#12 DrShade

DrShade
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 10 July 2015 - 12:36 PM

Guess I know what I'll be doing for the rest of the day.



#13 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:18 AM

Posted 10 July 2015 - 02:03 PM

Since you are still in school, use your free time to build up experience reversing malware.

Search with Google for "reverse engineering challenges".

I can recommend a book written by a friend of mine: Mike Sikorski - https://www.nostarch.com/malware

Mike also teaches malware analysis training classes at security conferences, like Brucon and Black Hat USA.

 

I can only talk about one malware analysis certification: SANS' GREM: GIAC Reverse Engineering Malware.

I obtained this certification myself.

Do you have any experience analyzing malware?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#14 DrShade

DrShade
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 10 July 2015 - 02:40 PM

Since you are still in school, use your free time to build up experience reversing malware.

Search with Google for "reverse engineering challenges".

I can recommend a book written by a friend of mine: Mike Sikorski - https://www.nostarch.com/malware

Mike also teaches malware analysis training classes at security conferences, like Brucon and Black Hat USA.

 

I can only talk about one malware analysis certification: SANS' GREM: GIAC Reverse Engineering Malware.

I obtained this certification myself.

Do you have any experience analyzing malware?

Thanks for the advice. I am already reading that book (and other malware books in my backlog), so I don't have too much experience analyzing malware since I just started the book.
 

And what can you tell me about the GREM?


Edited by DrShade, 10 July 2015 - 02:53 PM.


#15 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:18 AM

Posted 10 July 2015 - 03:07 PM

GREM is like most SANS certifications. You follow their training (FOR610), and then you take the exam (open book exam). Attending live classes takes 6 days. But they also offer this via various online services.

 

GREM teaches you the basics of malware analysis.

https://www.sans.org/course/reverse-engineering-malware-malware-analysis-tools-techniques

 

SANS training is expensive, but thorough and good.






