

🧠 Episode 6 – Everyday Cyber Podcast
In this episode, Alex Reid explores how cybersecurity analysts use timeline analysis to investigate intrusions, uncover malware, and detect threats at scale. This hands-on walkthrough reveals how modern blue teams reconstruct attacks across hundreds of endpoints using tools like log2timeline, YARA, capa, and more.
You’ll learn the full process from enterprise threat hunting to deep-dive forensic timeline building — including malware detection, IOC stacking, and how to pivot around suspicious activity.
🔍 Key topics covered:
The 3-phase model: Threat Hunting → Triage → Deep-Dive Forensics
Occurrence stacking, outlier detection, and IOC hunting
Detecting malware using tools like Sigcheck, maldump, and capa
Writing YARA rules and matching malware capabilities to MITRE ATT&CK
Filesystem timelines vs. super timelines — when to use each
Using log2timeline, Plaso, Timeline Explorer, and Timesketch
How to scale timeline analysis across multiple compromised systems
Practical insights for analysts, DFIR teams, and blue teamers
timeline analysis
threat hunting
malware detection
YARA rules
log2timeline
plaso forensic tool
capa malware analysis
digital forensics podcast
DFIR workflow
ioc hunting
sigcheck malware scan
timeline explorer
timesketch tutorial
fileless malware detection
endpoint forensics
blue team tactics
incident response timeline
cybersecurity tools
forensic timeline building
everyday cyber podcast
By Alex Reid