BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Antisyphon Training - ECPv6.15.17.1//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-ORIGINAL-URL:https://www.antisyphontraining.com
X-WR-CALDESC:Events for Antisyphon Training
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/Denver
BEGIN:DAYLIGHT
TZOFFSETFROM:-0700
TZOFFSETTO:-0600
TZNAME:MDT
DTSTART:20250309T090000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0600
TZOFFSETTO:-0700
TZNAME:MST
DTSTART:20251102T080000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0700
TZOFFSETTO:-0600
TZNAME:MDT
DTSTART:20260308T090000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0600
TZOFFSETTO:-0700
TZNAME:MST
DTSTART:20261101T080000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0700
TZOFFSETTO:-0600
TZNAME:MDT
DTSTART:20270314T090000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0600
TZOFFSETTO:-0700
TZNAME:MST
DTSTART:20271107T080000
END:STANDARD
END:VTIMEZONE
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20250309T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20251102T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20260308T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20261101T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20270314T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20271107T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T144641Z
LAST-MODIFIED:20251107T144641Z
UID:10000841-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Breaching the Cloud with Beau Bullock
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/breaching-the-cloud-with-beau-bullock-6/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T144747Z
LAST-MODIFIED:20251107T144747Z
UID:10000842-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Building a C2 Framework in Go with Faan Rossouw
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/building-a-c2-framework-in-go-with-faan-rossouw/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T144905Z
LAST-MODIFIED:20251107T144905Z
UID:10000843-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Defending M365 and Azure with Kevin Klingbile
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/defending-m365-and-azure-with-kevin-klingbile/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145030Z
LAST-MODIFIED:20251107T145030Z
UID:10000844-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Foundations of Security Operations with Hayden Covington
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/foundations-of-security-operations-with-hayden-covington/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145221Z
LAST-MODIFIED:20251107T145221Z
UID:10000845-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Offense for Defense with Mike Saunders and Corey Overstreet
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/offense-for-defense-with-mike-saunders-and-corey-overstreet/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145226Z
LAST-MODIFIED:20251107T145226Z
UID:10000846-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Next Level OSINT with Mishaal Khan
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/next-level-osint-with-mishaal-khan-2/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145229Z
LAST-MODIFIED:20251107T145229Z
UID:10000847-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Network Forensics and Incident Response with Troy Wojewoda
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/network-forensics-and-incident-response-with-troy-wojewoda-4/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145234Z
LAST-MODIFIED:20251107T145234Z
UID:10000848-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Modern Webapp Pentesting with BB King
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/modern-webapp-pentesting-with-bb-king-2/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145245Z
LAST-MODIFIED:20251107T145245Z
UID:10000849-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Hacking Active Directory: Fundamentals and Techniques with Dale Hobbs
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/hacking-active-directory-fundamentals-and-techniques-with-dale-hobbs-4/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145625Z
LAST-MODIFIED:20251107T145625Z
UID:10000853-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Offensive Tooling for Operators with Chris Traynor
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/offensive-tooling-for-operators-with-chris-traynor-2/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145629Z
LAST-MODIFIED:20251107T145629Z
UID:10000852-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Penetration Testing: Beyond the Basics with Tim Medin
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/penetration-testing-beyond-the-basics-with-tim-medin-3/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145635Z
LAST-MODIFIED:20251107T145635Z
UID:10000851-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Secure Coding & API Hardening: Hands-On Secure Design\, Development\, and Threat Modeling with Tanya Janca
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/secure-coding-api-hardening-hands-on-secure-design-development-and-threat-modeling-with-tanya-janca/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20260210T083000
DTEND;TZID=America/Denver:20260211T170000
DTSTAMP:20260403T150325
CREATED:20251107T145639Z
LAST-MODIFIED:20251107T145639Z
UID:10000850-1770712200-1770829200@www.antisyphontraining.com
SUMMARY:Practical iOS Application Security Testing with Cameron Cartier and Dave Blandford
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/practical-ios-application-security-testing-with-cameron-cartier-and-dave-blandford/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260218T120000
DTEND;TZID=America/New_York:20260218T130000
DTSTAMP:20260403T150325
CREATED:20260130T090808Z
LAST-MODIFIED:20260225T160539Z
UID:10000892-1771416000-1771419600@www.antisyphontraining.com
SUMMARY:Anti-Cast: Adapting to Active Directory Security Enhancements with Eric Kuehn
DESCRIPTION:Are your go-to Active Directory attacks quietly failing without you noticing? \n\n\n\nJoin Eric Kuehn\, Principal Security Consultant at Secure Ideas\, for a free one-hour training session that takes a deep dive into the security enhancements Microsoft has introduced to Active Directory over the past few years and how they are reshaping the way penetration testers and defenders operate. \n\n\n\nYou’ll learn how long-reliable attack paths now break\, how successful attacks may leave new and unexpected traces\, and what these changes mean for staying stealthy during an engagement. \n\n\n\nEric will teach you the latest AD hardening features\, the new detection opportunities they create\, and the practical changes testers and defenders can make to improve their tradecraft right away. \n\n\n\n\nRegister Here\n\n\n\n\nJoin us for PreShow Banter™ at 11:30 AM ETChat with your fellow attendees in the BHIS Discord server:https://discord.gg/bhis in the #🔴live-chat channel \n\n\n\nStay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com \n\n\n\nDon’t forget to check out our Course Catalog for our upcoming free and affordable cybersecurity training! \n\n\n\n 
URL:https://www.antisyphontraining.com/event/anti-cast-adapting-to-active-directory-security-enhancements-with-eric-kuehn/
CATEGORIES:Anti-Cast
ATTACH;FMTTYPE=image/webp:https://www.antisyphontraining.com/wp-content/uploads/2026/01/Adapting-to-Active-Directory-Security-Enhancements-with-Eric-Kuehn.webp
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260223T120000
DTEND;TZID=America/New_York:20260226T160000
DTSTAMP:20260403T150325
CREATED:20251202T211744Z
LAST-MODIFIED:20260218T210801Z
UID:10000859-1771848000-1772121600@www.antisyphontraining.com
SUMMARY:Cybersecurity Foundations
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/cybersecurity-foundations-1/
CATEGORIES:Blue Team,Fundamentals,Mitre Att&ck,Pay What You Can
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260225T120000
DTEND;TZID=America/New_York:20260225T130000
DTSTAMP:20260403T150325
CREATED:20260130T090806Z
LAST-MODIFIED:20260130T090809Z
UID:10000893-1772020800-1772024400@www.antisyphontraining.com
SUMMARY:Anti-Cast: Red Teaming AI: OWASP LLM Top 10 with Brian and Derek
DESCRIPTION:Join AI researchers Brian Fehrman and Derek Banks for a free one-hour training session that breaks down the OWASP Top 10 AI-LLM risks clearly and practically. \n\n\n\nYou’ll learn in this Antisyphon Anti-cast how LLM security issues show up in real systems\, how attackers test them\, and what to focus on to secure AI applications with a practical\, security-first mindset. \n\n\n\n\nRegister Here\n\n\n\n\nJoin us for PreShow Banter™ at 11:30 AM ETChat with your fellow attendees in the BHIS Discord server:https://discord.gg/bhis in the #🔴live-chat channel \n\n\n\nStay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com \n\n\n\nDon’t forget to check out our Course Catalog for our upcoming free and affordable cybersecurity training! \n\n\n\n 
URL:https://www.antisyphontraining.com/event/anti-cast-red-teaming-ai-owasp-llm-top-10-with-brian-and-derek/
CATEGORIES:Anti-Cast
ATTACH;FMTTYPE=image/webp:https://www.antisyphontraining.com/wp-content/uploads/2026/01/Red-Teaming-AI-OWASP-LLM-Top-10-with-Brian-and-Derek.webp
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260304T120000
DTEND;TZID=America/New_York:20260304T130000
DTSTAMP:20260403T150325
CREATED:20260225T161324Z
LAST-MODIFIED:20260225T161327Z
UID:10000920-1772625600-1772629200@www.antisyphontraining.com
SUMMARY:Preparing IR for AI Incidents with Gerard Johansen
DESCRIPTION:Is your Incident Response plan AI ready? \n\n\n\nJoin us for a free one-hour training session with incident management expert and instructor Gerard Johansen\, where he’ll teach how to adapt your Incident Response plan to AI-related risks and threats. \n\n\n\nYou’ll learn how AI incidents actually happen and how to respond to them. \n\n\n\nGerard will also cover what to include in your incident response plan so you’re prepared as your organization adopts AI. \n\n\n\n\nRegister Here\n\n\n\n\nJoin us for PreShow Banter™ at 11:30 AM ETChat with your fellow attendees in the BHIS Discord server:https://discord.gg/bhis in the #🔴live-chat channel \n\n\n\nStay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com \n\n\n\nDon’t forget to check out our Course Catalog for our upcoming free and affordable cybersecurity training! \n\n\n\n 
URL:https://www.antisyphontraining.com/event/preparing-ir-for-ai-incidents-with-gerard-johansen/
CATEGORIES:Anti-Cast
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/02/Preparing-IR-for-AI-Incidents-with-Gerard-Johansen.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260306T120000
DTEND;TZID=America/New_York:20260306T160000
DTSTAMP:20260403T150325
CREATED:20260127T162525Z
LAST-MODIFIED:20260224T233756Z
UID:10000890-1772798400-1772812800@www.antisyphontraining.com
SUMMARY:Workshop: Hacking AI-LLM Applications
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/workshop-hacking-ai-llm-applications/
CATEGORIES:Artificial Intelligence,Blue Team,Pay What You Can,Workshop
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260310T100000
DTEND;TZID=America/New_York:20260310T160000
DTSTAMP:20260403T150325
CREATED:20260225T190517Z
LAST-MODIFIED:20260225T190517Z
UID:10000922-1773136800-1773158400@www.antisyphontraining.com
SUMMARY:Workshop: Job Hunt Like a Hacker - 2026 Edition
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/workshop-job-hunt-like-a-hacker-2026-edition/
CATEGORIES:Pay What You Can,Workshop
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260311T120000
DTEND;TZID=America/New_York:20260311T130000
DTSTAMP:20260403T150325
CREATED:20260306T145621Z
LAST-MODIFIED:20260306T145624Z
UID:10000924-1773230400-1773234000@www.antisyphontraining.com
SUMMARY:Anti-Cast: How to Detect Malicious Remote Workers with James McQuiggan
DESCRIPTION:Could a nation-state threat actor get hired and stay invisible to your SOC? \n\n\n\nJoin us for a free one-hour training session with James McQuiggan\, CISSP and Advisory CISO\, as he teaches you the full lifecycle of North Korea’s AI-enabled IT worker operation\, from AI-generated identities and U.S.-based laptop farms to the data theft and extortion that follow once they’re inside. \n\n\n\nYou’ll learn a practical detection and hunting playbook covering behavioral anomalies\, identity red flags\, and post-hire SOC indicators that catch what background checks miss. \n\n\n\nIf your SOC isn’t hunting for threats that were hired legitimately\, this Antisyphon Anti-cast will change that. \n\n\n\n\nRegister Here\n\n\n\n\nJoin us for PreShow Banter™ at 11:30 AM ETChat with your fellow attendees in the BHIS Discord server:https://discord.gg/bhis in the #🔴live-chat channel \n\n\n\nStay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com \n\n\n\nDon’t forget to check out our Course Catalog for our upcoming free and affordable cybersecurity training! \n\n\n\n 
URL:https://www.antisyphontraining.com/event/anti-cast-how-to-detect-malicious-remote-workers-with-james-mcquiggan/
CATEGORIES:Anti-Cast
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/03/maxresdefault_live.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260313T120000
DTEND;TZID=America/New_York:20260313T160000
DTSTAMP:20260403T150325
CREATED:20260210T165830Z
LAST-MODIFIED:20260210T170916Z
UID:10000916-1773403200-1773417600@www.antisyphontraining.com
SUMMARY:Workshop: Foundations of Dynamic Analysis for AppSec
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/workshop-foundations-of-dynamic-analysis-for-appsec/
CATEGORIES:Dynamic Analysis,Program Architecture
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260316T100000
DTEND;TZID=America/New_York:20260317T180000
DTSTAMP:20260403T150325
CREATED:20260223T065621Z
LAST-MODIFIED:20260313T155508Z
UID:10000919-1773655200-1773770400@www.antisyphontraining.com
SUMMARY:Attacking\, Defending\, and Leveraging AI-LLM Systems
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/attacking-defending-and-leveraging-ai-llm-systems/
CATEGORIES:Artificial Intelligence,Blue Team,LLM,Red Team
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260317T140000
DTEND;TZID=America/New_York:20260526T160000
DTSTAMP:20260403T150325
CREATED:20251105T172706Z
LAST-MODIFIED:20260304T155430Z
UID:10000834-1773756000-1779811200@www.antisyphontraining.com
SUMMARY:Professionally Evil CISSP Mentorship Program
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/professionally-evil-cissp-mentorship-program-4/
CATEGORIES:CISSP Training,Pay What You Can,SecureIdeas
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260318T120000
DTEND;TZID=America/New_York:20260318T130000
DTSTAMP:20260403T150325
CREATED:20260303T144553Z
LAST-MODIFIED:20260303T144556Z
UID:10000923-1773835200-1773838800@www.antisyphontraining.com
SUMMARY:Anti-Cast: Securing the Cloud in the Age of AI with Andrew Krug
DESCRIPTION:Existential Courage: The Hitchhiker’s Guide to Surviving AI in Cloud \n\n\n\nCan AI really help secure the cloud\, or is it quietly making things worse? \n\n\n\nJoin Antisyphon instructor and security researcher Andrew Krug for a free one-hour Anti-cast on what really happens when AI collides with cloud security. \n\n\n\nAndrew will cut through the hype and look at how LLMs affect IAM\, monitoring\, governance\, and real-world risk. \n\n\n\nLearn where AI helps\, where it hallucinates\, and how to defend cloud environments without panic. \n\n\n\nExpect practical insights\, grounded strategy\, and a bit of cosmic humor. Bring your towel. Don’t panic. \n\n\n\n\nRegister Here\n\n\n\n\nJoin us for PreShow Banter™ at 11:30 AM ETChat with your fellow attendees in the BHIS Discord server:https://discord.gg/bhis in the #🔴live-chat channel \n\n\n\nStay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com \n\n\n\nDon’t forget to check out our Course Catalog for our upcoming free and affordable cybersecurity training! \n\n\n\n 
URL:https://www.antisyphontraining.com/event/anti-cast-securing-the-cloud-in-the-age-of-ai-with-andrew-krug/
CATEGORIES:Anti-Cast
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/02/maxresdefault_live-5.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260323T100000
DTEND;TZID=America/New_York:20260324T180000
DTSTAMP:20260403T150325
CREATED:20260218T164308Z
LAST-MODIFIED:20260218T170302Z
UID:10000917-1774260000-1774375200@www.antisyphontraining.com
SUMMARY:Red Team Fundamentals for Active Directory
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/red-team-fundamentals-for-active-directory/
CATEGORIES:Fundamentals,Pay What You Can,Red Team,SecureIdeas
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260325T100000
DTEND;TZID=America/New_York:20260325T102500
DTSTAMP:20260403T150325
CREATED:20260122T211713Z
LAST-MODIFIED:20260123T174952Z
UID:10000878-1774432800-1774434300@www.antisyphontraining.com
SUMMARY:SOC Summit Talk: Needle Hunting: An Endpoint Investigation Cheat Sheet
DESCRIPTION:With Patterson Cake \n\n\n\n\n\n\n\nHow do you investigate – let alone understand – an endpoint operating system with more than 50 million lines of code? \n\n\n\nJoin Patterson Cake\, Black Hills Infosec Director of Incident Response\, for a technical session outlining a prioritized approach to endpoint investigations\, focusing on where and how unauthorized access and activity impact Windows and Linux. \n\n\n\nYou’ll learn about the endpoint “attack surface\,” prioritization of operating-system artifact selection\, suggested workflow for artifact acquisition\, and a methodology for identification of indicators of compromise. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow SOC Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n This talk is part of the Antisyphon Training SOC Summit\, a free\, 6-hour\, live virtual event designed to give you an honest\, practical look at what it’s really like to work in a SOC. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available March 26-April 10 to help you deepen your skills and become more effective at protecting what matters most. \n\n\n\nPatterson Cake will be teaching his Incident Response Simplified class on April 3. \n\n\n\n\nLearn more about the SOC Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nPatterson Cake\n\n\n\n\nBio\n\n\n\nPatterson Cake joined the Black Hills Information Security (BHIS) pirate ship in June of 2023 as a Security Analyst focusing primarily on detection engineering and digital forensics and incident response. He chose BHIS because\, to paraphrase\, “doing cool stuff with cool people” and “making the world a better/safer place” is exactly how he wants to spend his professional time and energy. It also helps that he has a bit of history with a couple of awesome folks that have been with BHIS for many moons. Prior to joining the team\, Patterson helped build and lead a DFIR practice for an MSSP\, worked as a senior security engineer for AWS Managed Services\, and spent several years in enterprise cybersecurity\, often healthcare related\, focusing on intermingling offensive security and incident response in technical and leadership roles. Outside of work\, he enjoys spending time with his family\, which often involves motorcycles\, outdoor sports\, movies\, and music. \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/soc-summit-talk-needle-hunting-an-endpoint-investigation-cheat-sheet/
CATEGORIES:Blue Team,Incident Response,SOC
ATTACH;FMTTYPE=image/webp:https://www.antisyphontraining.com/wp-content/uploads/2026/01/Talk_Needle-Hunting-An-Endpoint-Investigation-Cheat-Sheet_Patterson-Cake.webp
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260325T100000
DTEND;TZID=America/New_York:20260325T160000
DTSTAMP:20260403T150325
CREATED:20260123T201514Z
LAST-MODIFIED:20260327T153444Z
UID:10000889-1774432800-1774454400@www.antisyphontraining.com
SUMMARY:SOC Summit
DESCRIPTION:Summit: \n\n\n\n\nMarch 25 @ 10:00 am – 4:00 pm EDT \n\n\n\n\n\nLive Training: \n\n\n\nMarch 26 – April 10 \n\n\n\n\n\n\n\n\n\nREGISTER FOR SUMMIT ONLY\n\n\n\nREGISTER FOR LIVE TRAINING\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nSecurity Operations Centers are where defenders grow\, pressure is real\, and impact matters. \n\n\n\n \n\n\n\nThe Antisyphon Training SOC Summit is a free\, 6-hour\, live virtual event designed to give you an honest\, practical look at what it’s really like to work in a SOC. \n\n\n\n \n\n\n\nOn March 25th\, 2026\, join thousands of security practitioners and aspiring defenders from across the community as experienced professionals break down day-to-day SOC life\, essential technical skills\, and career insights to help you break in\, level up\, or pivot with confidence. \n\n\n\n \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses will be available after the Summit to help you deepen your skills and become more effective at protecting what matters most. \n\n\n\n\n\n\n\n\nSummit Schedule – All Times Eastern U.S.\n\n\n\n\n9:30 – PreShow Banter\n\n\n\n10:00 – Patterson Cake – Needle Hunting: An Endpoint Investigation Cheat Sheet\n\n\n\n10:30 – Seth Williams – Practical Email Forensics with EML Analyzer\n\n\n\n11:00 – Ashley Knowles – Using Pentest Findings to Improve Detections\n\n\n\n11:30 – Wade Wells – Augmented Detection Engineering\n\n\n\n12:00 – Ched Wiggins – Static Email Analysis\n\n\n\n12:30 – Bruce Potter – How UI/UX Impacts SOC Performance\n\n\n\n1:00 – Troy Wojewoda – Detecting Malware with YARA Rules\n\n\n\n1:30 – LUNCH BREAK\n\n\n\n2:00 – Santiago Bassett – Proactive Threat Prevention with Wazuh\n\n\n\n2:30 – Dan Rearden – One Sigma to Rule Them All\n\n\n\n3:00 – Hayden Covington – From Cyber Threat Intelligence (CTI) to Detection\n\n\n\n3:30 – Carrie Roberts – Validate Security Controls with Atomic Red Team\n\n\n\n4:00 – CLOSING REMARKS\n\n\n\n\n\n\n\n\nTalk Schedule – All Times Eastern U.S.\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Needle Hunting: An Endpoint Investigation Cheat SheetPatterson CakeMarch 25 @ 10:00 am – 10:25 am EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Practical Email Forensics with EML AnalyzerSeth WilliamsMarch 25 @ 10:30 am – 10:55 am EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Using Pentest Findings to Improve DetectionsAshley KnowlesMarch 25 @ 11:00 am – 11:25 am EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Augmented Detection EngineeringWade WellsMarch 25 @ 11:30 am – 11:55 am EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Static Email AnalysisChed WigginsMarch 25 @ 12:00 pm – 12:25 pm EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: How UI/UX Impacts SOC PerformanceBruce PotterMarch 25 @ 12:30 pm – 12:55 pm EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Detecting Malware with YARA RulesTroy WojewodaMarch 25 @ 1:00 pm – 1:25 pm EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Proactive Threat Prevention with WazuhSantiago BassetMarch 25 @ 2:00 pm – 2:25 pm EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: One Sigma to Rule Them AllDan ReardenMarch 25 @ 2:30 pm – 2:55 pm EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: From Cyber Threat Intelligence (CTI) to DetectionHayden CovingtonMarch 25 @ 3:00 pm – 3:25 pm EDT \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSOC Summit Talk: Validate Security Controls with Atomic Red TeamCarrie RobertsMarch 25 @ 3:30 pm – 3:55 pm EDT \n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nTake Your Learning Further with LIVE Hands-On Training \n\n\n\nTraining Classes Include: \n\n\n\n\n\n\n\n\n\n\nCybersecurity Incident CommandGerard JohansenMarch 26-27 @ 10:00 am – 6:00 pm EDT$575 \n\n\n\n\n\n\n\n\n\n\n\nNetwork Forensics and Incident ResponseTroy WojewodaMarch 30-31 @ 10:00 am – 6:00 pm EDT$575 \n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nSecuring the Cloud: FoundationsAndrew KrugApril 1-2 @ 10:00 am – 6:00 pm EDT$575 \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\nIncident Response SimplifiedPatterson CakeApril 3 @ 10:00 am – 6:00 pm EDT$295 \n\n\n\n\n\n\n\n\n\n\n\nSOC Core Skills with John StrandJohn StrandApril 6-9 @ 12:00 pm – 4:00 pm EDT$25-$300 \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\nWorkshop: SOC Detection Engineering Crash CourseHayden CovingtonApril 10 @ 12:00 pm – 4:00 pm EDT$25-$300 \n\n\n\n \n\n\n\n\n\n\nHave a Training Budget? \n\n\n\nWe have reimbursement form templates specially crafted for our SOC Summit training offerings! \n\n\n\n\nCybersecurity Incident Command –  Template\n\n\n\nIncident Response Simplified – Template\n\n\n\nNetwork Forensics and Incident Response – Template\n\n\n\nSecuring the Cloud Foundations –  Template\n\n\n\n\nWhy Attend Antisyphon Training Events?Antisyphon Training Summits are built on a commitment to fostering community and engagement. Our events encourage connections between attendees\, instructors\, and industry leaders. Join us to learn\, collaborate\, and grow your network in the cybersecurity community.
URL:https://www.antisyphontraining.com/event/soc-summit/
CATEGORIES:Summit
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260325T103000
DTEND;TZID=America/New_York:20260325T105500
DTSTAMP:20260403T150325
CREATED:20260122T211538Z
LAST-MODIFIED:20260123T174935Z
UID:10000879-1774434600-1774436100@www.antisyphontraining.com
SUMMARY:SOC Summit Talk: Practical Email Forensics with EML Analyzer
DESCRIPTION:With Seth Williams \n\n\n\n\n\n\n\nWhen you’re handed a suspicious email\, how do you investigate what it is really doing? \n\n\n\nIn this 25-minute technical presentation\, Seth Williams will walk through hands-on email forensics using Sublime Security’s free EML Analyzer\, teaching you how to break down raw email files to uncover the true mechanics of phishing\, malware delivery\, and social engineering attacks. \n\n\n\nYou’ll learn how to quickly review headers\, authentication results\, URLs\, attachments\, and metadata to validate detections\, explain why an email is dangerous\, and confidently decide when to escalate or close alerts and user reports. \n\n\n\nSharpen your email analysis skills and improve triage with evidence-based investigations. \n\n\n\nEML Analyzer – Sublime Security \n\n\n\nWe invited Seth and Sublime Security to present because their free tool can help you improve your suspicious email investigations today. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow SOC Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n This talk is part of the Antisyphon Training SOC Summit\, a free\, 6-hour\, live virtual event designed to give you an honest\, practical look at what it’s really like to work in a SOC. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available March 26-April 10 to help you deepen your skills and become more effective at protecting what matters most. \n\n\n\n\nLearn more about the SOC Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nSeth Williams\n\n\n\n\nBio\n\n\n\nSeth Williams is the Global Partner CTO at Sublime Security\, where he builds and scales partner ecosystems across MSSPs\, VARs\, GSIs\, and technical alliances\, helping partners and customers achieve real-world security outcomes. With a career that spans federal and commercial security architecture\, large-scale SIEM operations\, professional services leadership\, and security strategy\, Seth brings a practical understanding of how security actually works in the field. He focuses on clear technical alignment\, cutting through complexity\, and turning advanced security capabilities into straightforward\, dependable solutions that partners can deliver confidently. \n\n\n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n 
URL:https://www.antisyphontraining.com/event/soc-summit-talk-practical-email-forensics-with-eml-analyzer/
CATEGORIES:Blue Team,Forensics,SOC
ATTACH;FMTTYPE=image/webp:https://www.antisyphontraining.com/wp-content/uploads/2026/01/Talk_Practical-Email-Forensics-with-EML-Analyzer_Seth-Williams.webp
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260325T110000
DTEND;TZID=America/New_York:20260325T112500
DTSTAMP:20260403T150325
CREATED:20260122T211157Z
LAST-MODIFIED:20260123T175008Z
UID:10000880-1774436400-1774437900@www.antisyphontraining.com
SUMMARY:SOC Summit Talk: Using Pentest Findings to Improve Detections
DESCRIPTION:With Ashley Knowles \n\n\n\n\n\n\n\nAre your pentest reports actually helping you make your detections better? \n\n\n\nPenetration tests reveal more than exploited or identified vulnerabilities. They can also expose blind spots in visibility and detections. \n\n\n\nJoin Ashley Knowles\, a Black Hills InfoSec Security Consultant\, for a 25-minute technical presentation where she will draw on real-world penetration testing experience to help you close coverage gaps. \n\n\n\nYou’ll learn how to turn penetration test findings into actionable improvements for alerting\, coverage\, and detections. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow SOC Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n This talk is part of the Antisyphon Training SOC Summit\, a free\, 6-hour\, live virtual event designed to give you an honest\, practical look at what it’s really like to work in a SOC. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available March 26-April 10 to help you deepen your skills and become more effective at protecting what matters most. \n\n\n\n\nLearn more about the SOC Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nAshley Knowles\n\n\n\n\nBio\n\n\n\nAshley Knowles joined Black Hills Information Security (BHIS) in Fall 2021. As a Security Consultant\, Ashley’s role is to perform network (internal/external)\, social engineering\, and cloud penetration tests\, as well as participating in red team assessments. Since joining the infosec community in 2013\, she has developed and taught hacking classes\, worked as a security consultant\, and been a team lead on a red team. Ashley serves as a mentor at a local high school’s cybersecurity class and\, as someone who loves to learn and teach\, she looks forward to developing and teaching classes that add to BHIS’s educational catalogue. In her free time\, Ashely enjoys photography\, hiking and exploring new places with her kids\, and building Legos. \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/soc-summit-talk-using-pentest-findings-to-improve-detections/
CATEGORIES:Blue Team,Pentesting,SOC
ATTACH;FMTTYPE=image/webp:https://www.antisyphontraining.com/wp-content/uploads/2026/01/Talk_Using-Pentest-Findings-to-Improve-Detections_Ashley-Knowles.webp
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260325T113000
DTEND;TZID=America/New_York:20260325T115500
DTSTAMP:20260403T150325
CREATED:20260122T211406Z
LAST-MODIFIED:20260123T171713Z
UID:10000881-1774438200-1774439700@www.antisyphontraining.com
SUMMARY:SOC Summit Talk: Augmented Detection Engineering
DESCRIPTION:With Wade Wells \n\n\n\n\n\n\n\nDo you understand where AI can safely support the detection lifecycle? \nJoin Wade Wells (Staff Detection & Response Engineer) for a 25-minute\, conversational walk-through of how AI can boost every part of the detection lifecycle\, from generating new detection ideas and tightening logic to evaluating coverage\, finding blind spots\, and automating documentation. \n\n\n\n\n\nThis talk shows practical ways AI can brainstorm attack paths\, tighten detections\, translate logic\, surface logging gaps\, and draft documentation\, such as playbooks and detection cards\, so engineers can focus on precision and strategy. \nWade will focus on real\, usable techniques\, not hype\, showing what AI can safely augment and how to build a modern\, AI-assisted detection workflow. \n\n\n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow SOC Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n This talk is part of the Antisyphon Training SOC Summit\, a free\, 6-hour\, live virtual event designed to give you an honest\, practical look at what it’s really like to work in a SOC. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available March 26-April 10 to help you deepen your skills and become more effective at protecting what matters most. \n\n\n\n\nLearn more about the SOC Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nWade Wells\n\n\n\n\nBio\n\n\n\nWade Wells is the Lead Detection Engineer for a Fortune 30 financial company. He has worked for eight years in security operations\, performing threat hunting\, cyber threat intelligence\, and detection engineering\, primarily in the financial sector. ​Active in the cybersecurity community\, Wade frequently speaks at prominent industry events and is involved with several security-focused organizations. \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/soc-summit-talk-augmented-detection-engineering/
CATEGORIES:Artificial Intelligence,Blue Team,SOC
ATTACH;FMTTYPE=image/webp:https://www.antisyphontraining.com/wp-content/uploads/2026/01/Talk_Augmented-Detection-Engineering_Wade-Wells.webp
END:VEVENT
END:VCALENDAR