Target Audience

• Software Developers & DevOps Engineers
• Team Leads & Engineering Managers
• QA Professionals & Automation Engineers
• Security Forces & Defense Personnel (Technical units)

No prior cybersecurity experience is required.

Workshop Overview

In an era where digital perimeters are dissolving, and cyber threats are becoming increasingly autonomous, traditional defense mechanisms are no longer sufficient. This workshop provides a deep dive into the modern cybersecurity ecosystem, shifting the focus from “if” an attack occurs to “how” we maintain resilience and continuity.

Participants will explore the synergy between Security Operations (SOC), Cloud architecture, and Zero Trust principles. The workshop bridges the gap between development and security, empowering technical stakeholders to understand the full lifecycle of a cyber event, from intelligence gathering to AI-driven response and disaster recovery.

Worshop Objectives

• Demystify the modern SOC stack and the role of the security analyst.
• Implement Zero Trust and Cloud-native security strategies.
• Master the lifecycle of Incident Response and Business Continuity.
• Leverage AI as a force multiplier for both offensive and defensive operations.

Topics

Module 1: The Modern Cyber Landscape & Defense Foundations

• The Evolving Threat Actor: From Script Kiddies to State-Sponsered APTs.
• Zero Trust Architecture (ZTA): Shifting from “Trust but Verify” to “Never Trust, Always Verify.”
• Identity as the New Perimeter: Implementing MFA, Least Privilege Access (LPA), and Micro-segmentation.

Module 2: SOC Operations & Detection Engineering

• The SOC Ecosystem: Tiers of investigation and the mission of the Security Analyst.
• Telemetry & Visibility: Deep dive into SIEM (Splunk/Sentinel), EDR/XDR, and Log Aggregation.
• The Language of Attacks: Mapping threats with the MITRE ATT&CK® Framework (Tactics & Techniques).
• Automation in Defense: Introduction to SOAR and building automated Playbooks.

Module 3: Cloud Security Operations (CloudSecOps)

• Shared Responsibility Model: Securing the infrastructure vs. securing the data.
• Container & Kubernetes Security: Protecting microservices and CI/CD pipelines.
• Cloud Native Security Tools: Introduction to CSPM (Cloud Security Posture Management) and CWPP.

Module 4: Incident Response (IR) & Crisis Management

• The NIST 800-61 Roadmap: Preparation, Detection, Containment, Eradication, and Recovery.
• Triage & Forensics: How to preserve evidence while minimizing downtime.
• Live Simulation: Tabletop exercise on Ransomware containment and executive decision-making.

Module 5: Cyber Intelligence (CTI)

• Intelligence Tiers: Strategic, Tactical, Operational, and Technical (IoCs).
• Dark Web & OSINT: Monitoring underground forums and data leak sites.
• Proactive Defense: Integrating threat feeds into active security controls.

Module 6: Business Continuity (BCP) & Disaster Recovery (DR)

• Resilience Planning: Difference between BCP (Process) and DR (Technical Recovery).
• RTO & RPO: Defining “Recovery Time Objectives” and “Recovery Point Objectives.”
• Data Integrity: Ensuring backups remain uncorrupted during a breach.

Module 7: The AI Revolution in Cybersecurity

• Adversarial AI: How attackers use LLMs for automated malware and social engineering.
• Defensive AI: Anomaly detection, predictive analysis, and autonomous response.
• The Future of Cyber Ops: Using AI to bridge the talent gap and accelerate MTTR (Mean Time To Respond).

Key Takeaways & Participant Value

By the end of this workshop, participants will walk away with:

• Technological Literacy: Mastery of modern security terminology (IOC, TTP, Zero Trust, SOAR).
• Incident Readiness: A clear understanding of their role during a company-wide cyber crisis.
• Strategic Mindset: Ability to integrate security considerations into the development lifecycle (DevSecOps).
• AI Readiness: Practical knowledge of how to utilize AI tools to enhance organizational defense.