SentinelOne University Workshops

Hone Your Security Skills with Expert-Led Training at OneCon24


SentinelOne University workshops are designed for hands-on security practitioners and led by some of our sharpest product experts. Choose from nine learning options to enhance your skills with SentinelOne solutions, earn CPE credits, and receive a Credly Badge upon completion of the OneCon learning path. What’s more, you’ll get exclusive access to all workshop content and continued learning after the conference.

Incident Response

Gain the tools you need to effectively counter cyber-threats with the SentinelOne Singularity Platform. In a simulated cyber-attack, you’ll investigate the threat, identify its root cause, and learn strategic remediation strategies.

In this workshop, you’ll learn how to:

  • Dissect the anatomy of static and dynamic threats
  • Perform root-cause analysis on threats Visualize threats and get automatic statistical analysis for event categories and types
  • Perform strategic mitigation on threats

Threat Hunting

Enhance your proactive cybersecurity skills by crafting effective queries to identify anomalies within telemetry data in the Singularity Data Lake. By analyzing this data, you can spot irregular patterns or activities that might indicate a threat that has bypassed traditional detection systems—a crucial skill for early detection and swift response.

In this workshop, you’ll learn how to:

  • Translate questions into effective threat hunting queries
  • Spot irregular patterns and anomalies in the Singularity Data Lake
  • Automatically link relevant events to understand the full story
  • Manually search for suspicious and malicious threats

Advanced Administration Best Practices

SentinelOne offers a suite of tools that can improve the security of your network and reduce your day-to-day burden when you follow best practices. Discover some of the most important aspects of system setup and maintenance to ensure even smoother security operations.

In this workshop, you’ll learn how to:

  • Use scope to improve and focus your security policies
  • Create effective exclusions that decrease your exposure
  • Manage your unified Singularity agents

Purple AI

Get hands-on with the world’s most advanced AI security analyst.. Purple AI is designed to transform natural language into sophisticated threat-hunting queries, enabling you to search and triage with unprecedented efficiency. Learn how to harness the capabilities of Purple AI to swiftly respond to cyber threats, enhancing your response times and improving your overall security posture.

In this workshop, you’ll learn how to:

  • Use Purple AI to jump start investigations, triage, and perform root-cause analysis
  • Translate S1QL 1.0 Queries into PowerQueries (S1QL 2.0)
  • Save and share collaborative notebooks with your team

Singularity Data Lake Workshop

The Singularity Data Lake not only serves as the storage and query platform for our endpoint solution. What’s more, it also supports ingestion of third-party data, including security and non-security as well as structured, semi-structured, and unstructured data—providing you a single console for exploring and correlating a range of data sources. See how you can easily integrate and analyze third-party data with queries, alerts, and built-in dashboards.

In this workshop, you’ll learn how to:

  • Understand how data is ingested to Singularity Data Lake Execute targeted queries against EDR, XDR, or All Data
  • Visualize search results with graphs and custom dashboards
  • Recognize the detection and alerting options available in SDL

Singularity Identity

SentinelOne can identify potential attack sources by pinpointing unsecured devices, vulnerable software, and identity misconfigurations. Explore common identity issues that can result in potential breaches and see how to best secure identities.

In this workshop, you’ll learn how to:

  • Detect risk and Identify specific attacks
  • Protect and assess your Active Directory using tools in the Identity feature set
  • Scan your AD for settings that could be exploited and how to fix them
  • Work with deceptive use cases on endpoints

Endpoint Threat Ops Challenge

Join this Capture The Flag event and compete to find malware, lateral movement, and other IoCs on endpoints. Answer the most questions correctly and win prizes.

This challenge will hone your skills in:

  • Investigating common and advanced persistent threats
  • Hunting for real malware
  • Using the SentinelOne Console to find and remediate APTs

Purple AI Threat Ops Challenge

Use Purple AI to hunt for threats in this Capture the Flag event. Compete with your peers to find IoCs, answer questions and have the chance to win prizes.

This challenge will hone your skills in:

  • Investigating common and advanced persistent threats
  • Using Purple AI for efficient threat hunting
  • Making natural language threat hunting queries

Cloud Threat Ops Challenge

Use Singularity Cloud to detect vulnerabilities and attacks with our CNAPP and cloud workload protection solutions in this Capture the Flag event. Compete to find IoCs in a cloud environment, answer questions, and have the chance to win prizes.

This challenge will hone your skills in:

  • Discovering cloud vulnerabilities
  • Detecting and preventing cloud credential leakage
  • Identifying misconfigurations and ensuring compliance
  • Detecting and remediating complex threats at the VM and K8s pod level without human intervention

Join Us for

Don’t miss the premiere event of the
year for SentinelOne customers.