From

From

AI COPILOT

AI COPILOT

To

To

COMMANDER

COMMANDER

COMMANDER

16 CPE CREDITS | VENDOR-NEUTRAL | HANDS-ON

Masterclass on AI Agents and RAG for Security Automation and Investigations

Learn to go from copilots to agents that plan, act, and explain. This hands-on training teaches what you need to get started in vibe investigating, build autonomous AI agents for security operations, and navigate your security generative AI strategy - in just 2 days.

November 6-7, 2025 (Thu-Fri)
Online - Americas time zones

November 6-7, 2025 (Thu-Fri)
Online
Americas time zones

Sign Up Now

Lead the advance to genAI for security

The rise of agentic AI resets how we investigate, detect, and automate: systems can now self-plan, query databases & APIs, call tools to take action, and work autonomously. This shift reaches across SOC, IR, threat intel, vulnerability management, and SecOps - changing both what is worth doing and how to do so.

Over two days, you'll work with leaders in generative AI for security as you go through primers, hands-on labs, and open discussions. In the cyber range, you'll choose prompt-first or code-first approaches to practice AI for core workflows like contextualization, deep investigation, triage, and reporting. Along the way, you'll build practical AI fluency with LLMs, RAG, agents, self-planning, semantic layers, evals, and more.

You'll leave with the skills and confidence to lead applying AI-era investigation and automation — for yourself, and for your team.

Lead the advance to genAI for security

The rise of agentic AI resets how we investigate, detect, and automate: systems can now self-plan, query databases & APIs, call tools to take action, and work autonomously. This shift reaches across SOC, IR, threat intel, vulnerability management, and SecOps - changing both what is worth doing and how to do so.

Over two days, you'll work with leaders in generative AI for security as you go through primers, hands-on labs, and open discussions. In the cyber range, you'll choose prompt-first or code-first approaches to practice AI for core workflows like contextualization, deep investigation, triage, and reporting. Along the way, you'll build practical AI fluency with LLMs, RAG, agents, self-planning, semantic layers, evals, and more.

You'll leave with the skills and confidence to lead applying AI-era investigation and automation — for yourself, and for your team.

Lead the advance to genAI for security

The rise of agentic AI resets how we investigate, detect, and automate: systems can now self-plan, query databases & APIs, call tools to take action, and work autonomously. This shift reaches across SOC, IR, threat intel, vulnerability management, and SecOps - changing both what is worth doing and how to do so.

Over two days, you'll work with leaders in generative AI for security as you go through primers, hands-on labs, and open discussions. In the cyber range, you'll choose prompt-first or code-first approaches to practice AI for core workflows like contextualization, deep investigation, triage, and reporting. Along the way, you'll build practical AI fluency with LLMs, RAG, agents, self-planning, semantic layers, evals, and more.

You'll leave with the skills and confidence to lead applying AI-era investigation and automation — for yourself, and for your team.

This masterclass is for you

This masterclass is for you

This masterclass is for you

Code or no code: Your choice.

Hands-on lab portions support your preference between prompt-first UIs and Python notebooks.

Leaders
Understand ROI, trajectories in use case and technology, and how to responsibly target outcomes.
Analysts: SOC, IR, DFIR, Hunt, TI, VM, …
Go beyond copilots and apply AI directly to your investigations and automations.
Engineers & Developers
Build smarter agents, scale RAG, wire up custom MCP connectors, and boost quality.

What you'll learn

What you'll learn

What you'll learn

Better, faster, cheaper: Learn AI core concepts, where it's working today, where it's not, and what's next
Ship: Journey from copilotsscalable RAGagentic long-runs that plan, act, and explain
Prove quality: Use LLM-as-judge and inter-rater evals for better results and confidence
RAG & Agents: Learn top methods like agentic planning and Graph RAG that make workflows faster, smarter, and more cost-effective at scale
Take it home: Leave with stress-tested patterns, free & open tools, and confidence in what to do next

Why learn from us

Why learn from us

Why learn from us

Join our instructors with incident response scars and track records in AI+data technology breakthroughs
so you know what works today and what's coming next.

🏆🏆🏆
First agentic AI speedrun of Splunk Boss of the SOC CTF
⭐⭐⭐⭐⭐
Helped run the most popular Black Hat 2025 AI training
Rise of the Agents – R. Rodriguez & team
⭐⭐⭐⭐⭐
Helped run the most popular Black Hat 2025 AI training
Rise of the Agents – R. Rodriguez & team
🏆🏆🏆
Winners of the
U.S. Cyber Command
AI competition on alerts
🏆🏆🏆
Winners of the
U.S. Cyber Command
AI competition on alerts
Track record in core data + AI:
Creators and early contributors of popular OSS projects like Apache Arrow, NVIDIA RAPIDS, and more
Track record in core data + AI:
Creators and early contributors of popular OSS projects like Apache Arrow, NVIDIA RAPIDS, and more
Years of experience as analyst and developers
for major enterprise SOCs, MSSPs, law enforcement, and military/intelligence agencies
Years of experience as analyst and developers
for major enterprise SOCs, MSSPs, law enforcement, and military/intelligence agencies

Participant Requirements

Participant Requirements

Participant Requirements

  • Computer with Wi-Fi, browser to access course materials and participate in labs.


  • No prior AI or coding experience required. Familiarity increases takeaways but not required.


  • Advanced users may optionally bring a setup with Docker + Jupyter and ~20 GB free disk space if they want to run locally. Otherwise, we provide a streamlined hosted environment via GitHub login.

  • Computer with Wi-Fi, browser to access course materials and participate in labs.


  • No prior AI or coding experience required. Familiarity increases takeaways but not required.


  • Advanced users may optionally bring a setup with Docker + Jupyter and ~20 GB free disk space if they want to run locally. Otherwise, we provide a streamlined hosted environment via GitHub login.

Agenda

Agenda

Agenda

Day 1
Fundamentals: LLMs, Agents, and Planning
Day 1
Fundamentals: LLMs, Agents, and Planning
  • LLM fundamentals: Transformers, vectors, fine-tuning, serving
  • Lab: Self-hosting a small model
  • The agentic AI SOC: Use cases like triage, contextualization, investigations, and more
  • Vibe investigating: Tool calls, MCP, DB connectors, semantic layers, composition
  • Lab: Splunk & Databricks AI connector hands-on
  • Agentic planning: From static workflows to dynamic plans & tasks, CoT, validation
  • Lab: First AI CTF speed-run attempt

  • + Discussions & breaks throughout

  • LLM fundamentals: Transformers, vectors, fine-tuning, serving
  • Lab: Self-hosting a small model
  • The agentic AI SOC: Use cases like triage, contextualization, investigations, and more
  • Vibe investigating: Tool calls, MCP, DB connectors, semantic layers, composition
  • Lab: Splunk & Databricks AI connector hands-on
  • Agentic planning: From static workflows to dynamic plans & tasks, CoT, validation
  • Lab: First AI CTF speed-run attempt

  • + Discussions & breaks throughout

Day 2
Scaling: RAG, Evaluations & Longer Agentic Runs
Day 2
Scaling: RAG, Evaluations & Longer Agentic Runs
  • RAG I: Retrieval fundamentals (chunking, hybrid retrieval, reranking, HyDE)
  • Lab: “Talk to logs” with RAG
  • RAG II: Scaling (embedding fine-tuning, enrichment, memory strategies)
  • Planning continued: Iterative refinement with labs
  • Evals: When and how to apply LLM-as-judge, inter-rater agreement
  • Lab: Evals on scaling log analysis
  • Graph RAG: Event/entity graphs, memory, at-scale OSINT/TI use cases

  • Lab: Interactive graph RAG

  • + Discussions + breaks throughout

  • RAG I: Retrieval fundamentals (chunking, hybrid retrieval, reranking, HyDE)
  • Lab: “Talk to logs” with RAG
  • RAG II: Scaling (embedding fine-tuning, enrichment, memory strategies)
  • Planning continued: Iterative refinement with labs
  • Evals: When and how to apply LLM-as-judge, inter-rater agreement
  • Lab: Evals on scaling log analysis
  • Graph RAG: Event/entity graphs, memory, at-scale OSINT/TI use cases

  • Lab: Interactive graph RAG

  • + Discussions + breaks throughout

Transferrable

Vendor-neutral, OSS, & demos

Vendor-neutral, OSS, & demos

This course is vendor-neutral:
All patterns are shown with open-source alternatives where possible to ensure transferability.


To make the methods concrete and show how the ideas work in production-grade tools, 
demonstrations include OpenAI, Ollama/vLLM, Prefect, Claude Code, Graphiti, Louie.ai, Graphistry, and more.

This course is vendor-neutral:
All patterns are shown with open-source alternatives where possible to ensure transferability.


To make the methods concrete and show how the ideas work in production-grade tools, 
demonstrations include OpenAI, Ollama/vLLM, Prefect, Claude Code, Graphiti, Louie.ai, Graphistry, and more.

Pricing & Registration

Pricing & Registration

Pricing & Registration

Limited to 45 participants to keep sessions high-quality

Early Bird (2.5 Weeks)

$1,600

Sign Up Now

Regular

$1,900

Sign Up Now

Group Discount

15% off for 3-5 participants

Limited Availability

Capacity at 45 participants to ensure quality

What's Included

What's Included

What's Included

Live instruction + hands-on labs
Attestation of completion - CPE eligible: 16 credits
Challenge coin upon course completion
Louie.ai + Graphistry t-shirt, stickers
Access to slides, data, and notebooks
Reference prompts, checklists, and evaluation scripts

Instructors

Member image

Leo Meyerovich, PhD

Leo Meyerovich, PhD

Founder & CEO of Graphistry, co-creator of Louie.ai

Pioneer in GPU-accelerated visual graph intelligence. Leo helped launch open-source ecosystems like Apache Arrow and NVIDIA RAPIDS, and holds a PhD in Computer Science from UC Berkeley.  Leo led the first successful agentic AI speed-run of Splunk Boss of the SOC (BOTS), and his team won the U.S. Cyber Command AI RPE competition for alert volume reduction. He works closely with global government agencies, major enterprises, financial institutions, and technology companies on data-intensive investigation technologies across cybersecurity, fraud, and national intelligence. Earlier, he contributed to R&D efforts at Microsoft and Adobe, where he recieved the SIGPLAN 10yr Test of Time award and multiple Best Paper awards.

Member image

Sindre Breda

Sindre Breda

Solutions Architect at Graphistry

Former Chief Inspector at Kripos (Norwegian National Criminal Investigation Service) and senior analyst at Defendable MSSP. Sindre is an expert in SOC automation, security graph intelligence,  and GenAI for investigations, and advises banks, government agencies, tech companies, and various enterprises in their deployments.

+ Additional Louie.ai staff

Senior practitioners with backgrounds across enterprise SOCs, MSSPs, SIEMs, government agencies, and various data technologies

FAQ

Is this only for SOC/IR analysts?

No — while labs focus on SOC/IR, discussions cover how the same approaches apply to hunting, threat intel, detection engineering, vuln mgmt, and beyond.

Do I need to know AI or Python?

No. We provide two tracks: natural language / point-and-click and Python notebooks.

Will you promote Louie.ai?

The training is vendor-neutral. We’ll demonstrate OSS alternatives throughout, and occasionally show Louie.ai + Graphistry so you can see production-grade implementations.

Are sessions recorded?

Yes, recordings and materials are provided to all attendees.

Can I expense this to my employer?

Yes — attendees receive an attestation and CPE credits.

Copyright 2025 Graphistry, Inc.