Thomas Roccia & Roberto Rodriguez - Blue Team Arsenal: Python and Generative AI for Threat Intelligence - $2,000 early


Trainer bio:

Thomas Roccia
Thomas Roccia is a security and threat researcher with over 12 years of experience in the cybersecurity industry. He has held positions at leading security companies with a special focus on threat intelligence. Currently, Thomas is working as a Senior Security Researcher at Microsoft. In addition to his work at Microsoft, Thomas also runs SecurityBreak, an online platform where he showcases his latest projects and research findings.

Roberto Rodriguez
Roberto Rodriguez is a Principal Security Researcher at the Microsoft Security Research organization. He is the founder of the Open Threat Research (OTR) community and author of several open-source projects, such as the Threat Hunter Playbook, OSSEM, SimuLand, ATT&CK Python Client, Security Datasets, and more. You can find all his contributions to the InfoSec community in the open OTR GitHub repository and can follow him on Twitter @Cyb3rWard0g.

Trainer social media links:
@fr0gger_ / @Cyb3rWard0g.

Full description of the training:
In the fast-paced world of cyber security, threat intelligence plays a critical role in an organization's defense strategy, empowering defenders with a deep understanding of adversary tradecraft and their threat landscape. For a threat intelligence analyst, the ability to collect and connect information from a wide variety of data sources and to dive deep into malicious software is essential. Imagine streamlining these processes by building your own tools leveraging artificial intelligence.

In this 2-day class, you will learn to use Python to collect and analyze threat data, build your own custom tools, and integrate the power of Generative AI to transform your technical approach to threat intelligence. We will combine theory with practical, hands-on exercises, giving you the opportunity to apply all these concepts in real-world scenarios. By the end of this course, you will have the necessary skills and tools to unlock new capabilities in your threat intelligence cycle.

# Why should you take this course?
By attending this class, students will create custom tools in Python to enhance traditional in-depth analysis and automation in threat intelligence workflows. They will also learn how to programmatically merge diverse data sources for a more contextual understanding of cyber threats. This class is ideal for those looking to deepen their expertise, embrace new technologies like AI in their methodologies, and stay competitive in a field that's constantly evolving. It’s an opportunity to not only learn but also apply these skills in real-world scenarios and to transform your career with the necessary skills of tomorrow.

Generative AI is reshaping our digital landscape and it's crucial to not only grasp the fundamentals but also to adapt and innovate. Our class does just that – it teaches the core principles of threat intelligence and then takes a step further by integrating the revolutionary potential of generative AI, especially its natural language processing capabilities. These skills are key to enhancing traditional tool development and threat analysis processes.

# Who Should Take This Course
Any curious cybersecurity professional seeking to sharpen their threat intelligence skills, introduce automation into their workflows with Python, and implement Generative AI to unlock new capabilities in their threat intelligence cycle.

# Student Requirements
Students should be familiar with the fundamentals of the threat intelligence cycle, feel comfortable with an intermediate level of Python programming, and understand basic techniques for malware analysis. In addition, students must have a GitHub account (personal or work) to access course materials.

We designed this training to be highly practical and a career-transforming opportunity for attendees. It's not just another course; it's a chance to enhance your skills, create your own portfolio, and learn from seasoned threat analysts familiar with the most renowned threats in the field. More than a training, it instills a threat analyst's mindset.

# Info about the Trainers
My co-trainer, Roberto Rodriguez, and I, Thomas Roccia, have dedicated significant time to designing and building this unique, innovative, and highly practical training. Attendees will not only build their portfolio but also learn from our field experience. Roberto brings a deep understanding of attackers' tradecraft, while my expertise lies in threat intelligence and incident response. Our stories and experiences are woven throughout the training, sharing our mindset and approach to work. We have also been pioneers in applying generative AI to threat intelligence.

I firmly believe that this training imparts the skills of tomorrow. More importantly, it instills a mindset that we aim to pass on to our attendees.

Short description of what the student will know how to do, after completing the class:
# Top 3 takeaways
Students will learn to:
* Build and showcase Python-based tools and workflows for in-depth analysis and automation in threat intelligence.
* Programmatically integrate diverse data sources, enhancing threat intelligence with a more comprehensive and contextual understanding of cyber threats.
* Leverage generative AI to apply natural language processing capabilities, enhancing the threat intelligence cycle.

Outline of the class:
Day 1
Introductions & course overview 
The threat intelligence cycle 
Python fundamentals 
Demystifying Generative AI 

Day 2
Collect and analyze data
Disseminate threat intelligence 
MSTICPy for enhancing threat intelligence analysis 
Retrieval Augmented Generation (RAG) techniques 
Building your own agents for threat intelligence 

Technical difficulty of the class:
Beginner to Intermediate

Suggested prerequisites for the class:

Python basics, threat intelligence fundamentals.

Items students will need to provide:
We have designed this training to run on GitHub Codespaces. The only requirements are a GitHub account, a network connection, and a laptop.

DATE: August 12th-13th, 2024

TIME: 8am to 5pm PDT

VENUE: Sahara Las Vegas

TRAINER: Thomas Roccia & Roberto Rodriguez

- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included

Registration terms and conditions:

Trainings are refundable before July 1st; the processing fee is $250.

Trainings are non-refundable after July 10th, 2024.

Training tickets may be transferred. Please email us for specifics.

Failure to attend the Training without prior written notification will be considered a No-Show. No refund will be given.

By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.