2025 Workshops

Schedule

Workshops will take place on the 21st of May. Full schedule:

10:00 - 11:30 Cracking the Code: Secrets to Landing Your First Cybersecurity Job - By Sigita Andrulionytė

Learn the essential skills and strategies to kickstart your career in cybersecurity. Sigita Andrulionytė will share her insights and practical advice on how to stand out in the competitive job market.


11:30 - 14:00 Lunch Break

14:00 - 16:30 Security Analyst Workshop – Navigation to Investigation - By Marvin Ngoma and Thomas Jehn (Elastic Security)

The Analyst Workshop aims to walk participants through the common workflows and analysis that a security analyst relies on daily.

Module 1: Data Navigation and Visualization
- Discover Data: the power of a normalization schema and free-text search
- Lens: Explore security data by building visualizations
- Security Dashboards and Reporting

Module 2: Guided Investigations
- Investigate alerts and events with triage
- Guided threat hunting with data exploration
- Host Analytics
- Network Analytics
- User Analytics

Module 3: Threat Detection and Investigation
- Alert Triage
- Timelining of events and alerts
- Event Analyzer for chronological alert investigations
- Session Viewer
- Case management workflows to collaborate and aggregate investigation findings

Module 4: Dark Radiation Ransomware Investigation
- Day in the life of an Analyst
- Scenario brings together all the concepts learned in modules 1-3

Workshop Takeaways
- Ability to leverage Elastic Security for incident response
- Ability to understand common workflows for cyber security tasks
- Ability to create security focused visualizations
- Ability to take a proactive approach with Elastic Security
- Ability to apply comprehensive incident response with a case management workflow

Who should attend?
- SOC Analysts / Engineers / Administrators
- Incident Responders & Threat Hunters

Attendee Prerequisites
- Eyes-on-glass analyst experience with Elastic Security or any other SIEM or security analytics solution
- An understanding of current security operations procedures
- An understanding of currently available data sources and desired integrations (other SIEM, UEBA, SOAR, etc.)


16:30 - 17:00 Coffee Break

17:00 - 18:30 Security Capture the Flag – A Threat Hunting CTF - By Marvin Ngoma and Thomas Jehn (Elastic Security)

During this interactive CTF you’ll get hands-on security experience, competing against fellow security practitioners in the hunt for threats. Within a real attack scenario, participants will hone their security skills, interact with fellow practitioners, and experience threat hunting and SecOps workflows.

What will you learn?

  • Learn about SIEM features and capabilities
  • Immediately put your new knowledge into practice
  • Hunt and investigate within a CTF exercise based on a real attack scenario
  • Win some cool prizes 🏆

The top 3 CTF winners will be awarded a prize. This is an individual challenge; no teams.

What will you need?
  • A computer with a fast internet connection and a modern browser (e.g., Chrome)
  • An understanding of endpoint and network fundamentals is required.
  • Experience working in an IT or security operations role such as SOC or incident response analyst is strongly preferred.
  • Experience using a SIEM and knowledge of adversary tradecraft are a bonus.

Come at least 5 minutes before the workshop starts to set up and prepare.

Location

Enter through the main venue entrance and our volunteers will guide you to the workshops room.

Preparation

No prep is needed; just bring your own laptop. A WiFi access point will be provided.

Food

Coffee, tea, snacks and water will be provided. No lunch will be provided. You can either order food delivery or go outside to get some lunch.

Registration

Only BSides Vilnius 2025 holders are allowed to register. Each workshop has a maximum capacity of 50 participants. The registration form is available here:

https://bsidesvilnius.lt/workshops-registration