[Mountain View, CA] - 20251011 - KQL in Cybersecurity Workshop

Pacific Hackers is excited to host a hands-on workshop dedicated to mastering KQL (Kusto Query Language) for cybersecurity.

Note: Please complete the registration form, as the host requires this information before the event.

Join us as we dive deep into one of the most powerful tools for threat detection and data analysis. Whether you're a SOC analyst, a threat hunter, or just starting out in cybersecurity, this workshop will equip you with the practical skills needed to navigate and respond to cyber threats more effectively.

The speaker will conduct a walk-through of KQL (Kusto Query Language) and Microsoft Sentinel, focusing on how to write basic detection queries and understand the differences between hunting and detection. This will cover how Microsoft Defender is used for Endpoint data and MITRE ATT&CK mapping to build an example detection. The goal is to share practical insights for anyone getting started with detection engineering or looking to strengthen their KQL fundamental in a SOC environment.

### What You'll Learn:

• Hands-on Threat Detection: Learn to write powerful KQL queries to find and investigate threats in real-world scenarios.
• Log Analysis & Hunting: Master the art of sifting through massive log files to uncover suspicious activity.
• Incident Response: Utilize KQL to rapidly gather critical data during an incident and expedite your response time.
• Data Visualization: Discover how to visualize your query results to easily spot trends and anomalies.