Dates: August 29th, 30th, and 31st
Workshop Overview

This 3-day intensive hands-on training workshop is designed to equip participants with the practical skills and real-world experience required to detect, respond to, and mitigate cybersecurity threats.
The program is tailored for professionals in academic institutions, corporate environments, and government departments, ensuring the broad applicability of techniques across different sectors.
Unlike lecture-based training, this workshop emphasizes lab-driven learning, simulations, and team exercises, giving participants the confidence and readiness to contribute to cybersecurity defense efforts from day one.
Training Schedule
Day 1 – August 29th
Theme: Threat Detection & System Monitoring
Morning Session
- Welcome & orientation
- The evolving cyber threat landscape
- Introduction to log generation and monitoring (Windows Event Logs, Sysmon)
Hands-On Labs
- Install and configure Sysmon
- Capture and analyze process creation, network activity, and file changes
Afternoon Session
- Real-world attack simulation: Identifying Indicators of Compromise (IoCs)
- Hands-on log analysis and anomaly detection
- Group discussion: Challenges of endpoint monitoring in academic, corporate, and government systems
Key Takeaway: Participants gain skills in system monitoring and endpoint-level detection using real log data.
Day 2 – August 30th
Theme: Incident Response & Forensics
Morning Session
- The incident response lifecycle: Preparation, Detection, Containment, Eradication, Recovery
- Evidence handling and chain of custody
- Tools for live system investigation and forensic imaging
Hands-On Labs
- Perform live incident response on a compromised system
- Memory forensics with Volatility
- Disk forensics with FTK Imager and Autopsy
Afternoon Session
- Simulated ransomware outbreak response
- Team-based drill: Containment, eradication, and recovery planning
- Cross-sector discussion: Incident response challenges in universities, corporations, and government agencies
Key Takeaway: Participants develop practical incident response and digital forensics skills, enabling them to investigate and mitigate attacks effectively.
Day 3 – August 31st
Theme: SIEM Operations & Capstone Case Studies
Morning Session
- Introduction to SIEM: Splunk & Elastic Stack
- Log ingestion, parsing, and correlation rules
- Threat hunting with the MITRE ATT&CK framework
Hands-On Labs
- Build detection queries in Splunk/Elastic
- Create dashboards and alerts for common attacks (brute force, privilege escalation, lateral movement)
Afternoon Session
- Capstone Exercise: Full attack–defense simulation using SIEM + endpoint logs
- Case Study: Investigating a multi-stage attack across academic, corporate, and government environments
- Final review, feedback session, and certification ceremony
Key Takeaway: Participants leave with SIEM proficiency, log correlation expertise, and full-attack investigation experience.
Workshop Format
- Dates: August 29–31
- Duration: 3 days, 8:30 AM – 4:30 PM
- Format: 20% mini-lectures, 70% hands-on labs, 10% case studies/discussions
- Delivery: In-person (with hybrid option available)
- Tools & Platforms: Sysmon, Splunk, Elastic SIEM, Kali Linux, Wireshark, Volatility, FTK Imager, Autopsy, MITRE ATT&CK
Who Should Attend
- IT and cybersecurity professionals in academia, business, or government
- Early to mid-career security specialists
- Managers and technical leaders seeking hands-on security exposure
Expected Outcomes
By the end of the workshop, participants will:
✔ Gain job-ready, practical cybersecurity skills
✔ Conduct threat detection, incident response, and log analysis
✔ Apply SIEM tools for real-time monitoring and threat hunting
✔ Leave with a certificate of completion and a portfolio of lab-based exercises