alysis Professional certification is different from conventional certification:
- eCMAP is a comprehensive malware analysis simulation based on a real-world scenario designed by INE’s course instructors. Candidates are required to analyze a malwares sample and provide a detailed report that simulates a corporate record.
- Candidates are asked to deploy multiple advanced methodologies to conduct a thorough analysis on a given malware.
- Only individuals that provide proof of their findings in addition to identifying the vast majority of the malware’s functionality are awarded the eCMAP Certification.
- Only individuals who provide proof of their findings in addition to writing a working exploit are awarded the eCMAP Certification.
By obtaining the eCMAP, your skills in the following areas will be assessed and certified:
- Run a malware and tracking its activity
- Reverse Engineering and/or unpacking malware
- Ability to debug malware step-by-step
- Identify how the malware achieves obfuscation
- Identify C2 channels and what they are used for
- Bypass anti-analysis techniques
- Locate and analyze dropped and downloaded malware as well as persistence mechanisms
The eCMAP is a certification for individuals with highly technical understanding of systems and malware attacks. Everyone can attempt the certification exam, however here are the advised skills to possess for a successful outcome:
- Letters of engagement and the basics related to malware analysis engagement
- Deep understanding of Windows OS
- Knowledge of malware analysis processes and methodologies
- Good reverse engineering skills
- Familiarly with tools such as IDA Pro, sysinternals, x64dbg, etc.
- Ability to perform static analysis, dynamic analysis, reverse engineering, IOC creation and behavioral analysis
- Familiarity with bypassing anti-analysis tricks, unpacking, detecting persistence mechanisms, etc.
- Manual malware analysis through debugging and process analysis
- Ability to create a professional malware analysis report