Workshops
In addition to registration below, all Workshops have 10 seats available for walk-ins, though NOT guaranteed.
ThreatOps – Endpoint Detection and Response
Description: The ThreatOps Challenge is a CTF-style event where we have populated a SentinelOne Singularity console with various alerts, threats, and easter eggs that you can then analyze using the SentinelOne Singularity Platform. You will answer a series of questions that will guide you in utilizing different aspects of SentinelOne, ranging from Threat Hunting, Incident Analysis, and EDR Queries to much more. Don’t worry: if you get stuck, we have provided hints and even live instructors to aid you!
+ The ThreatOps Endpoint Workshop consists of free form challenges in the realm of EDR and Threat Hunting
+ Investigate scenarios of both common and advanced persistent threat attack vectors and methodology
+ Master the SentinelOne console to threat hunt against live malware and real world APT attacks
+ Obtain experience by hunting for real information by real malware
+ 3 CPE credits + the chance to win prizes
Pre-reqs and requirements:
• Attendees will need a laptop with Wi-Fi capabilities.
Date/Time:
Thursday Sept 26th 1000-1300
ThreatOps – Cloud Workloads
Description: The ThreatOps Challenge is a CTF-style event where we have populated a SentinelOne Singularity console with various threats (and easter eggs!) that you can then analyze using the SentinelOne Singularity Platform. You will answer a series of questions that will guide you in utilizing different aspects of Singularity, focusing on threat hunting on cloud-based workloads (Kubernetes). Don’t worry: if you get stuck, we have provided hints and even live instructors to aid you!
+ The ThreatOps Cloud Workshop consists of free form challenges in the realm of Threat Hunting on cloud-based workloads (Kubernetes)
+ Learn how to use the SentinelOne query language and how to hunt using MITRE TTPs
+ Master the SentinelOne console and how to query for a variety of malicious behaviors
+ Obtain experience by hunting for real information by real malware
+ 2 CPE credits + the chance to win prizes
Pre-reqs and requirements:
• Attendees will need a laptop with Wi-Fi capabilities.
Date/Time:
Thursday Sept 26th 1400 – 1600
AI Insecurity – An Introduction to Attacking AI and Machine Learning Models
Description: Get ready to flip the script on the machines! During this 4-hour escapade, you will explore adversarial ML techniques, from exploiting the models to bypassing their predictions. We’ll start from scratch to teach you how to turn the tables on ML models. No prior adversarial ML experience needed!
Pre-reqs and requirements:
• Attendees must bring a laptop with wireless connection capabilities.
• Attendees will need a laptop with an internet connection and the ability to run a Jupyter notebook via a local Jupyter instance, Visual Studio Code, Google Colab, or similar setup.
• This session is intended for people who are tasked with testing the robustness and security of their machine learning systems. While no background in machine learning is necessary, experience with writing Python code is highly recommended.
Date/Time:
Thursday Sept 26th 10am – 2pm
ThreatOps – Cloud Native Security
Description: The ThreatOps Challenge is a CTF-style event where we have populated a SentinelOne CNS console with various alerts, threats, and easter eggs that you can then analyze. You will use SentinelOne CNS to discover a variety of different cloud-based exposures that, if closed, can keep you secure. No experience with protecting cloud-based resources? No Problem. SentinelOne CNS makes it easy with CNAPP, CSPM, CIEM, Secrets Scanning, and an Offensive Security Engine!
+ The ThreatOps CNS Workshop consists of free form challenges in the realm of cloud security.
+ Investigate improper configuration of cloud resources, leaked passwords in source code, exploitable Kubernetes nodes, and more.
+ Master the CNS interface and gain a good understanding of how the solution can benefit anyone using the cloud.
+ Obtain experience by hunting for real information created by real world exploits.
+ 2 CPE credits + the chance to win prizes
Pre-reqs and requirements:
• Attendees will need a laptop with Wi-Fi capabilities.
Date/Time:
Friday Sept 27th 1000 – 1200
ThreatOps – Purple AI
Description: The ThreatOps Challenge is a CTF-style event where we have populated a SentinelOne Singularity console with various alerts, threats, and easter eggs that you can then analyze using the SentinelOne Singularity Platform. You will use Purple AI to discover how easy AI-powered threat hunting can be. No experience in threat hunting? No Problem. Purple AI makes threat hunting easy!
+ The ThreatOps Purple AI Workshop consists of free form challenges in the realm of Threat Hunting using Purple AI
+ Investigate scenarios of both common and advanced persistent threat attack vectors and methodology
+ Master Purple AI and discover how easy AI-powered threat hunting can be
+ Obtain experience by hunting for real information by real malware
+ 2 CPE credits + the chance to win prizes
Pre-reqs and requirements:
• Attendees will need a laptop with Wi-Fi capabilities.
Date/Time:
Friday Sept 27th 1300 – 1500
XDR Threat Hunting Workshop
Description: Whether you are an experienced cyber professional or a beginner, this workshop guarantees a mix of education, excitement, and engaging content. Seize the chance, upskill, and leave no threat undetected. Secure your spot now and leave with a clear plan you can take back to your organization.
Kick off your adventure with a hands-on lab designed to enhance your investigation and threat hunting expertise.
Learn how to empower your teams to go from endless investigation to remediating the highest priority incidents with greater speed, efficiency, and confidence. We will explore how to:
· Identify patterns and correlations in threat activity with root cause and attack chain analysis
· Leverage machine learning to prioritize incidents based on risk and impact
· Elevate productivity with automation and guidance
Pre-reqs and requirements:
• Attendees will need a laptop with Wi-Fi capabilities.
• An email address that’s not from a public email service.
Date/Time:
Friday Sept 27th 1000 – 1400