Hunt, detect, respond: bridging log analysis, threat hunting & incident response

November 10th, 2025 | Bucharest

Alerts alone aren’t enough.

Bridge the gap between detection and response with practical exercises in threat hunting, incident response, and log analysis.

Why is this workshop relevant?

This workshop gives participants hands-on experience in detecting threats, responding to incidents, proactively hunting adversaries, and turning log data into actionable defense.

Workshop agenda

  • Understanding Logs & Threat Detection Basics
  • Windows Host Logs & Forensics
  • Linux Host Logs & Forensics
  • Malware Analysis
  • Essential Tools for Analysis
  • Attacker Tactics: Persistence, Privilege Escalation & Lateral Movement
  • EDR/AV Evasion Techniques
  • Writing Effective Detection Rules
  • Tuning & Validation of Detections
  • Incident Response Lab
  • Wrap-Up, Key Takeaways
  • Q&A

About the trainer

GEORGE SAFTA

George is a Blue Team specialist with extensive experience in Security Operations Centers (SOC).

His expertise lies in monitoring, detecting, and responding to cyber threats, ensuring robust defense mechanisms are in place to protect organizations from attacks.

Who is it for?

This workshop is designed for cybersecurity professionals and enthusiasts with basic to intermediate knowledge who want hands-on experience in threat detection, log analysis, and incident response.

Key learning objectives:

✔ Spot indicators of compromise (IOCs) across multiple data sources.

✔ Analyze malware behavior across different categories, including ransomware, infostealers, and backdoors.

✔ Write and tune detection rules to detect threats effectively and reduce false positives.

✔ Execute the full incident response process, from detection to remediation.

✔ Conduct proactive threat hunting to uncover hidden attacks before they escalate.

Other information & prerequisites

  • Basic understanding of networking concepts and common security terminology.
  • Familiarity with operating systems and file systems (Windows/Linux) is helpful but not mandatory.
  • No advanced programming or prior incident response experience is required.

Technical requirements for attendees:

Hands-on exercises are optional. For participants who wish to take part in them, the following are recommended:

✔ Laptop capable of running virtual machines

✔ Software:
– Web browser (Chrome, Firefox, or Edge)
– Text editor (Notepad++, Sublime Text, or equivalent)

Estimated workshop duration: 8h

Language of instruction: Romanian. The workshop can be delivered in English if the participants are non-Romanian speakers.

Participation fee: EUR 190

FAQs

If we do not meet the minimum number of participants, you can either transfer to another workshop and pay or receive a refund for any difference in price, or opt for a full refund. You will be notified in advance and given options to choose what works best for you.

The workshop price covers food. Accommodation is not included, but we can recommend nearby options for your convenience.

Yes, full refunds are available up to 15 days before the workshop start date. However, if you cancel after that, we can offer only 50% of the price.

You will receive an email with all the necessary details, including the workshop location, prerequisites, and schedule, at least one week before the event. If you have any immediate questions, feel free to reach out to us directly.