Training Opportunities

To register for a training session, you must be registered for the Summit. If you are already registered and you would like to add on a training, you may do so in your personal registration portal which you can access from your registration confirmation email or email NCS@eventpowersupport.com for assistance. If you have not registered for the Summit, you may register now below.

REGISTER NOW
 

Training Sessions | Monday, September 22, 2025

Creating & Conducting Tabletop Exercises for Incident Response & Business Continuity
Training by: Cyber Brews LLC
Instructors: Karen Williams, CEO
Date: Monday, September 22, 2025 | 9:00 a.m. - 1:30 p.m.
Price: $300.00
Description:
Are you responsible for your company’s Incident Response (IR) or Business Continuity (BC) Plan? Do you want to ensure your organization is prepared for real-world disruptions? This interactive three-hour workshop will teach you how to design and conduct effective tabletop exercises to test your company’s response and recovery capabilities.

Applying Cyber-Informed Engineering
Training by: Idaho National Laboratory
Instructors: Virginia Wright, CIE Program Manager and Benjamin Lampe, CIE Principal Investigator
Date: Monday, September 22, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $150.00
Description:
Cyber-Informed Engineering (CIE) offers an opportunity to “engineer out” cyber risk across the entire system lifecycle, starting from the earliest possible phases of conceptual design and requirements development and system design—the most optimal times to introduce mitigations against cyber risk. CIE is an emerging method to integrate cybersecurity risk considerations into the conception, design, development, and operation of any physical system that has digital connectivity, monitoring, or control. CIE uses design decisions and engineering controls to mitigate or even eliminate avenues for cyber-enabled attacks or reduce the consequences when an attack occurs.This workshop provides an exploratory experience to apply CIE principles in a fictional project. It is designed to elicit rich discussion about the principles using a water sector cloud upgrade as its basis.among workshop participants. Feel free to ask questions of the moderators throughout the exercise.

Level Up Your Network Security Super Powers: Zeek + Suricata Training
Training by: Corelight, Inc.
Instructor: Tim Nolen, Principal Solutions Engineer
Date: Monday, September 22, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $150.00
Description:
Join us for a Zeek + Suricata open source training day led by a member of the Corelight Open Source Champions team. We will delve into the world of network security monitoring with Zeek and Suricata, globally recognized open source network security and threat detection tools. From introductory sessions unlocking Zeek’s power, to deep dives into its architecture and log analysis, participants will gain invaluable insights to supercharge their threat detection powers. We will cover:- Introduction to Zeek and Suricata: Kickstart your network security journey by harnessing the power of these open source tools.- Architecture Deep Dive: Explore the intricacies of Zeek and Suricata’s advanced architecture, empowering you to enhance your threat detection skills.- Logs: Learn to extract valuable insights from Zeek logs, from common to SSL/TLS, to outsmart cyber threats.- Detect Like a Pro: Elevate your detection game with high-level Zeek and Suricata scripts for proactive threat identification.- Hunt Like an Expert: Learn how to carve through network security logs with expertise.

From Detection to Eradication: Hands-On Ransomware Response in a Live Enterprise Lab
Training by: DarkLine Cyber
Instructor: Rich Dunham, Principal and Katelin Grogan, Security Analyst
Date: Monday, September 22, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $625.00
Description:
This hands-on training places participants in the role of an incident responder investigating a realistic ransomware attack on a corporate network. Using a memory dump and disk image from an infected system, students extract and analyze logs, registry hives, file artifacts, and malware binaries to reconstruct the attack timeline and identify root cause. The course emphasizes practical triage skills, behavioral analysis, and structured investigation workflows. Designed for current or aspiring incident response professionals, this training provides students with a repeatable methodology, investigation templates, and hands-on experience using open-source tools. Participants complete the course with a working timeline, threat attribution artifacts, and the skills to lead or support real-world ransomware investigations with confidence.

Integrating CSCRM Processes Into Your Security Program
Instructor: Alan Millington
Date: Monday, September 22, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $250.00
Description:
We've all heard the term "risk" alongside terms like supply chain, 3rd party, industrial base, among others to describe entities external to your organization. This risk has become an increasingly concerning topic to cybersecurity programs and rightfully so. Everything from third party data breaches to backdoored code repositories have disrupted critical business operations. Executive Orders have been issued to address the resilience of America's supply chain to include cybersecurity. Entire frameworks have been developed to address these concerns. Even the 3rd revision of the dreaded CMMC for defense contractors has an entire family of controls addressing the supply chain.

The AI Investigation Workshop: Memory Dumps to Smoking Guns
Training by: Infosec
Instructor: Keatron Evans, VP Product Portfolio and AI Strategy
Date: Monday, September 22, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $250.00
Description:
Transform your incident response capabilities by learning how to harness the power of GenAI. In this hands-on workshop, you'll tackle realistic breach scenarios involving malware hidden in memory dumps and network traffic. Instead of spending days and weeks memorizing complex command syntax, you'll use GenAI to shift your focus to what really matters — uncovering what happened during the attack.

Through guided exercises, discover how AI transforms steep learning curves into gentle slopes. Watch as tools like ChatGPT help you craft precise Volatility commands, decode network anomalies and uncover digital forensics evidence that would take many times longer to learn without an AI guide.

This isn't theoretical training — it's practical skill-building where you'll walk away with completed investigations and an AI prompt toolkit that continues accelerating your expertise. Experience firsthand how AI democratizes advanced cybersecurity skills, making expert-level incident response accessible to practitioners at any experience level.

 

Training Sessions | Tuesday, September 23, 2025

Foundational OSINT Tools and Techniques
Training by: SANS
Instructors: Mick Douglas, Instructor
Date: Tuesday, September 23, 2025 | 8:00 a.m. - 12:00 p.m.
Price: $150.00
Description:
This hands-on workshop introduces participants to core Open-Source Intelligence (OSINT) methodologies and practical techniques for conducting effective investigations. Through focused instruction blocks paired with interactive mini-labs, attendees will learn to gather, analyze, and verify information from publicly available sources. Participants will gain practical experience with essential OSINT tools and develop a structured approach to intelligence gathering that can be immediately applied to real-world scenarios. Active participation requires a laptop or tablet with a keyboard and web browser access.

Attacking and Defending AWS Workloads
Training by: SANS
Instructors: Serge Borso, Instructor
Date: Tuesday, September 23, 2025 | 8:00 a.m. - 12:00 p.m.
Price: $150.00
Description:
This workshop provides participants with practical, hands-on experience in both offensive and defensive security techniques for Amazon Web Services (AWS) environments. Building upon foundational cloud security concepts, the workshop delves into advanced attack methodologies, including exploiting common misconfigurations, compromising identities, and manipulating cloud services for unauthorized access. Simultaneously, the curriculum emphasizes robust defensive strategies, focusing on effective logging, threat detection engineering, incident response, and the implementation of AWS native security controls to build resilient cloud workloads. Through a series of interactive labs, participants will gain a deeper understanding of the adversarial mindset and develop actionable skills to secure their AWS deployments against evolving threats.

Learning Objectives:
Participants will be able to identify and exploit common misconfigurations in AWS services
Participants will understand techniques for compromising AWS identities and escalating privileges
Participants will learn to analyze AWS logs to detect malicious activity and build effective alerts
Participants will gain experience implementing defensive security controls to protect AWS workloads
Participants will be able to apply incident response procedures for cloud-based security incidents
Participants will understand the shared responsibility model in depth and its implications for security

System Requirements:
Laptop with a modern web browser.
AWS account with root access or an IAM user with Administrator Access permissions.
If you need an AWS account, you can create a free tier account with root access at https://aws.amazon.com/free/. The cost will be minimal (pennies) to complete the workshop.
Basic Understanding of AWS is helpful.

Certification Prep: Getting Started with Sec+
Training by: The University of Alabama in Huntsville
Instructor: TBD
Date: Tuesday, September 23, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $150.00
Description:
CompTIA's Sec+ is considered one of the fundamental certifications in the industry. This training provides an overview of the certification, resources for preparing for the exam, and tips and tricks to help with exam success. The training is an excellent first step in getting familiar with the exam’s structure or just deciding how Sec+ fits in your career path. Participants are asked to bring their own laptops for the training.

Splunk Enterprise Security Hands-On Workshop
Training by: Splunk, A Cisco Company
Instructor: Timothy Dixon, Sr Solutions Engineer
Date: Tuesday, September 23, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $150.00
Description:
Enterprise Security Hands-On is a modular, hands-on designed to familiarize participants with how to investigate incidents using Splunk Enterprise and Splunk Enterprise Security. This workshop provides users an opportunity to walk through multiple scenarios and see first-hand how Enterprise Security can be used from the creation of a notable event to investigate all the way to the raw event that identifies the adversaries action. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to generate notable events and investigate them as they occur in the enterprise.

Adversity-Driven Cyber Resiliency Engineering for Operational Technology
Training by: DoD / Defense Acquisition University
Instructor: Kyle Hoover, Professor of Cybersecurity
Date: Tuesday, September 23, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $150.00
Description:
This course will teach students how to use DoD adversity-driven engineering principles to build security & resiliency (including ‘zero-trust’ capabilities) into information technology (IT) and operational technology (OT) systems in the defense critical infrastructure (DCI) such as industrial control systems (ICS) and DoD weapon systems.The course introduces a loss-based engineering approach to mitigating against adversarial cyber-attacks and how to improve cyber resiliency and cyber survivability using digital security engineering. Students will acquire basic skills in both generating and implementing system, communications, and network requirements that accurately reflect concerns driven by contested cyberspace and provide adversity-driven technical data about system and threat behaviors and outcomes sufficient to inform life cycle engineering, programmatic, and risk decisions.

Critical Infrastructure Cybersecurity Workshop
Training by: SANS
Instructor: Tim Conway, Fellow Instructor
Date: Tuesday, September 23, 2025 | 9:00 a.m. - 4:00 p.m.
Price: $150.00
Description:
This one-day workshop is designed for professionals working in Operational Technology (OT) environments and will explore the evolving threat landscape targeting Industrial Control Systems (ICS) and critical infrastructure. Participants will examine real-world incidents that caused operational disruption and extract key lessons to improve engineering resilience across water, energy, manufacturing, and other critical sectors.

Tim and Dean will emphasize the unique nature of cyber-physical systems and the importance of understanding the safety and engineering context of defending the critical environments that make, move and power our world. Also, there will be alignment with the Top 5 ICS Cybersecurity Critical Controls: building a defensible architecture through secure network segmentation, maintaining accurate asset inventory and communication visibility, ensuring secure remote access, applying risk-based vulnerability management, and developing robust ICS/OT specific incident response and engineering driven recovery capabilities.

Attendees can engage in guided labs to reinforce key concepts and gain practical exposure to ICS/OT components, and leave with foundational skills essential for any effective ICS cybersecurity program and

This workshop is ideal for engineers, IT/OT professionals, cybersecurity practitioners, and decision-makers seeking to strengthen the cybersecurity posture of their industrial environments.

Attacking and Defending Azure Workloads
Training by: SANS
Instructors: Serge Borso, Instructor
Date: Tuesday, September 23, 2025 | 1:00 p.m. - 5:00 p.m.
Price: $150.00
Description:
This comprehensive 4-hour workshop provides participants with practical, hands-on experience in both offensive and defensive security techniques for Microsoft Azure environments. Building upon foundational cloud security concepts, the workshop delves into advanced attack methodologies, including exploiting common misconfigurations, compromising identities within Microsoft Entra ID, and manipulating Azure services for unauthorized access. Simultaneously, the curriculum emphasizes robust defensive strategies, focusing on effective logging with Azure Monitor and Sentinel, threat detection engineering, incident response, and the implementation of Azure native security controls to build resilient cloud workloads. Through a series of interactive labs, participants will gain a deeper understanding of the adversarial mindset and develop actionable skills to secure their Azure deployments against evolving threats.

Learning Objectives:

Participants will be able to identify and exploit common misconfigurations in Azure services
Participants will understand techniques for compromising Microsoft Entra ID identities and escalating privileges
Participants will learn to analyze Azure logs to detect malicious activity and build effective alerts using Azure Monitor and Sentinel
Participants will gain experience implementing defensive security controls to protect Azure workloads
Participants will be able to apply incident response procedures for cloud-based security incidents within Azure
Participants will understand the shared responsibility model in Azure and its implications for security

System Requirements:

Laptop with a modern web browser.
An Azure account with administrator access.
If you need an AWS account, you can create a free tier account with root access. The cost will be minimal (pennies) to complete the workshop.
Basic Understanding of Azure is helpful.

Hype from Reality: Understanding what Generative AI Can and Cannot Do
Training by: SANS
Instructors: Mick Douglas, Instructor
Date: Tuesday, September 23, 2025 | 1:00 p.m. - 5:00 p.m.
Price: $150.00
Description:
This interactive workshop cuts through the AI hype to provide a practical understanding of generative AI's true capabilities and limitations. Through hands-on labs that participants can repeat and explore, attendees will examine how embeddings and vector representations actually function, discover why generative AI excels at certain tasks while failing spectacularly at others, and learn to identify appropriate use cases versus potential pitfalls. The workshop offers extensive content designed for self-paced exploration—participants are encouraged to focus on sections most relevant to their interests and will receive all mini-labs to take home for continued learning beyond the session. A laptop or tablet with keyboard is required for active participation.