SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsSummit: 28 September | Training: 29 September - 4 October | Chaired by: Jess Garcia
At SANS, our mission remains steady. We continue to deliver relevant cyber security knowledge and skills, empowering students to protect people and their assets. Register for SANS DFIR Europe Summit & Training 2025 (28 September - 4 October) and continue to build practical cyber security skills you can implement immediately. Choose your course and register now.
Please note, courses are available In-Person in Prague during this event. Please see course details below for availability. For In-Person courses, seating is available on a first-come, first-served basis. Register now to secure your spot.
For the past 15 years, SANS has been steadily contributing to the DFIR community by hosting our annual DFIR Europe Summit in Prague. This year, we are proud to be hosting the 15th edition of this Summit. Join us and your peers for this anniversary edition and learn how to overcome the latest obstacles, hear about the latest open-source forensic tools, share methods and strategies proven effective in your investigations, and connect with the top DFIR practitioners in the industry.
The knowledge you'll absorb throughout our Summit will last the entire year. Whether you’re attending your first DFIR Summit or returning for your fifteenth, you'll join a community that shares a common drive to seek truth through digital forensics and eradicate attackers during incident response engagements.
Ask any of the returning attendees - a key benefit is that you’ll have the opportunity to network with other like-minded DFIR professionals. If you work in digital forensics or incident response, the SANS DFIR Europe Summit is the must-attend event of the year.
In-Person - All Access
Live Online Attendees Will Have Access to:
"The DFIR Europe Summit in Prague was an amazing opportunity to connect with top professionals and hear cutting-edge case studies. Easily one of the best events I’ve attended for digital forensics."
"The speakers at DFIR Europe brought deep, real-world knowledge. Every session gave me something I could take back to my investigations."
“It was a privilege to attend DFIR Europe. The summit helped reinforce best practices in incident response and forensics. Can't wait for next year.“
Enhance your knowledge base and add to your toolkit with a hands-on, immersive course taught by top SANS instructors and course authors. This year we're featuring 8 Top SANS DFIR courses
Whether you attend In-Person or Live Online, you will receive high-quality cybersecurity training directly from real-world practitioners. Register now to experience training you can use immediately to secure your environment and advance your career.
I highly recommend FOR500 for anyone looking to deepen their digital forensics and incident response skills. The course offers a perfect balance of theory and practical application, with real-world examples that bring the content to life. The instructor, Chad Tilbury, is exceptional, sharing his extensive experience and providing valuable insights that you can immediately apply in the field. It’s a must for anyone serious about mastering DFIR techniques!
Fantastic course with in-depth material, delivered by amazing expert. Thanks so much for an amazing week.
As part of your SANS training experience, you’ll receive complimentary access to a NetWars Tournament which is either available at the training event you are attending or will be made available through online access if you are attending a Live Online event. The NetWars Tournament is an interactive cyber range event designed to reinforce your learning through hands-on, gamified challenges.
Save 250 EUR using the code "EarlyBirdEMEA-EURO" and pay for any 4-6 day course (excluding Beta Courses) by August 28, 2025.
Looking for Group Purchasing? Contact Us
1 free practice test when you add a certification exam attempt to your course. Available for select courses below.
Add OnDemand access for 4 months to help you prepare for your GIAC exam. Available for select courses below.
Play two evenings of the Core NetWars Tournament. Free with purchase of a 4, 5, or 6 day course
Jess Garcia is the founder and technical lead of One eSecurity, a global Information Security company specialized in Incident Response and Digital Forensics.
Read more about Jess GarciaLearn from industry leaders sharing key security insights.
Daily required course training hours throughout the week.
Engage in extra learning and activities during SANS events.
When it comes to attacks on generative AI, Prompt Injection is everywhere. So everywhere, in fact, that it’s starting to lose all meaning. If everything is Prompt Injection, then nothing really is — right? In this talk, we’ll go beyond the buzzword and into the world of APE: a structured, practical taxonomy designed for the teams on the front lines, Red Teams, SOCs, Incident Response, and Intelligence. APE helps make sense of the chaos by categorising how adversaries are actually targeting AI systems. Whether you're testing defences, triaging incidents, tracking threat actors, or just trying to figure out what’s going wrong with your chatbot at 3 a.m., APE gives you the vocabulary and framework to work smarter. Because let’s be honest, AI isn’t going anywhere, and neither are the people trying to break it.
Presented by
Jim Simpson
Certified Instructor Candidate
The term DFIR has become really popular over the last several years and is used as an all-encompassing term for digital forensics and incident response. But the reality is that there is actually an inherent contradiction between digital forensics and incident response, because the actual end goals of digital forensics and incident response are actually not the same. The reality is that for most organizations, incident response focuses on making the pain go away, and maybe improving security going forward. Thinking about a legal outcome is far from the reality for most organizations.
Presented by
Jason Jordaan
Principal Instructor
As the world of information technology continues to change, so does the role of the security leader. Whether you're a CISO, Director of Security, or someone aspiring for such a position, you should consider how the current trends in IT and business affect your professional journey. Does your current approach to security leadership set you up for success?
Attend this session to learn how experienced CISOs:
- Align their security strategy to the business it aims to support
- Ask the right questions to excel in challenging situations
- Gain support for their efforts from non-security stakeholders
- Use technical and communication skills to their advantage
Those of us whose professional roots are grounded in technology often look at enterprise defenses from the perspective of the threats. While understanding the relationship between attacks and defenses is important, it's no longer sufficient. Attend this session to learn how to think about the role of a modern security leader to succeed in today's business environment.
Presented by
Lenny Zeltser
Fellow
How exactly is Generative AI (GenAI) changing the way Forensicators & Hunters work today? In this talk Jess Garcia will answer that question by presenting everything you need to know to integrate GenAI in your everyday DFIR tasks and get ready for this new era.
Presented by
Jess Garcia
Senior Instructor
Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.
About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavioral observations.
Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.
About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavioral observations.
Prague enchants visitors with its fairytale architecture, from the iconic Charles Bridge to the towering spires of Prague Castle. The city’s cobblestone streets and charming Old Town Square are steeped in centuries of history. You can enjoy world-class beer in cozy pubs and soak in the laid-back, artistic vibe. With its blend of Gothic, Baroque, and modern influences, Prague feels like stepping into a storybook.
Eliminate the hassle of daily commutes and wasted travel time. You’ll have everything you need—from your training to dining and amenities - all in one centralized, convenient location.
Stay where the action is! Maximize your chances to connect with fellow cybersecurity professionals and industry leaders - from impromptu conversations in the lobby to exclusive after-hours events.
SANS live training events include bonus sessions exclusively at the venue. Staying on-site ensures you won’t miss these opportunities to grow your network and engage with peers beyond the conference agenda.
Delegates attending SANS DFIR Europe Prague 2025 may benefit from a discounted room rate at the Vienna House by Wyndham Andel's Prague. Hotel bedrooms are limited and are subject to availability.