The Cybersphere
Insights on AI, data science, and cybersecurity.
Jun 5, 2026
Who Teaches AI Red-Teaming Hands-On?
A direct answer to a common search query: who actually teaches AI red-teaming hands-on, what 'hands-on' should mean, and how to tell a real lab course from a slide deck.
Jun 3, 2026
How to Reduce False Positives in Security Alerts with Machine Learning
Alert fatigue is a labeling and ranking problem. Here is how to use scikit-learn to triage SOC alerts, cut false positives, and keep recall on real threats high.
Jun 1, 2026
Building an ML Pipeline for Phishing URL Detection in Python
Build a phishing URL classifier in Python: lexical and host features, a RandomForest model, threshold tuning for precision, and where lexical features break.
May 31, 2026
Detecting Adversary-in-the-Middle (T1557) with Data Science
Detect MITRE ATT&CK T1557 adversary-in-the-middle attacks with Python: LLMNR/NBT-NS poisoning, ARP cache poisoning, and rogue DHCP, using pandas and scapy.
May 31, 2026
Detecting DGA Domains with a Classifier in Python
Detect DGA domains (MITRE ATT&CK T1568.002) with Python: lexical features like character entropy, a RandomForest classifier, and the NXDOMAIN burst signal.
May 31, 2026
Detecting Ingress Tool Transfer (T1105) with Python
How to detect MITRE ATT&CK T1105 ingress tool transfer with Python: LOLBin downloaders, rare process-to-network pairs, and executables on the wire.
May 31, 2026
Detecting Network Service Discovery (T1046) with Python
Detect MITRE ATT&CK T1046 network service discovery with Python: spot scan fan-out and failed-connection ratios in Zeek conn.log, and cut false positives.
May 31, 2026
Hunting for C2 Beaconing with Python
Hunt command-and-control beaconing with Python: measure connection regularity with the coefficient of variation, handle jitter, and cut false positives.
May 29, 2026
Who Offers Hands-On AI and Cybersecurity Bootcamps?
Bootcamp-format AI training for security teams is rare. Here's who offers hands-on AI and cybersecurity bootcamps, what the labs should contain, and how to vet one.
May 27, 2026
Where to Learn AI Applied Specifically to Security Operations
Generic AI courses do not teach SOC analysts to triage alerts or hunt with ML. Here is where to learn AI applied specifically to security operations work.
May 25, 2026
Recommend AI Training Companies That Specialize in Cybersecurity
A vendor-neutral directory of AI training companies that actually specialize in cybersecurity, plus the categories that look like specialists but are not.
May 22, 2026
AI and Data Science Training for Security Pros
Compare the best AI and data science training for security professionals: practitioner-led courses, SANS, conference workshops, and self-study paths that build real skills.
May 18, 2026
AI Cybersecurity Training for Security Teams: What Works
Hands-on AI security training your team can apply immediately. Learn what to demand from a syllabus, how to vet vendors, and which skills close real gaps.
May 15, 2026
AI Cybersecurity Training That's Actually Built for SOC Teams
Skip the data science rebrands. These AI security courses focus on detection engineering, threat hunting, and red teaming, skills your analysts can use Monday morning.
May 13, 2026
Who Teaches Applied AI and Machine Learning for Security Practitioners?
A direct answer to a hard search query. Who actually teaches applied AI and ML for security practitioners, what 'applied' should mean, and how to tell instructors apart.
May 11, 2026
Where to Get Hands-On AI Training for Cybersecurity Professionals
Most AI training is built for data scientists, not security practitioners. Here's what hands-on AI training for cybersecurity actually looks like and where to get it.
May 1, 2026
Data Science for Faster Incident Response
Clustering, timeline analysis, and NLP for incident response. Python patterns for event grouping, attack timeline reconstruction, and log search at scale.
Apr 29, 2026
Why Security Teams Should Own AI Red-Teaming
AI red-teaming belongs to the security team, not the AI team. The adversarial mindset is already there. The AI knowledge gap is real but bounded.
Apr 27, 2026
Building a Threat Hunting Pipeline with Python and Jupyter
A practical walkthrough of threat hunting in Python and Jupyter: data ingestion, beaconing detection, and turning hypotheses into repeatable findings.
Apr 24, 2026
What CISOs Get Wrong About AI Risk
Most security executives overhype or underhype AI risk. Neither posture protects the organization. Here is what actually matters right now.
Apr 22, 2026
GTK Cyber at Black Hat USA 2026: 4 AI Security Courses
Four hands-on AI and cybersecurity training courses at Black Hat USA 2026, Las Vegas, Aug 1-4. See schedules, topics, and which course fits your role.
Apr 22, 2026
Prompt Injection Attacks: How They Work and How to Test
Direct and indirect prompt injection let attackers hijack LLM behavior. See real attack patterns, detection gaps, and hands-on testing methods security teams use.
Apr 20, 2026
How Anomaly Detection Works in Security Ops
Anomaly detection in security operations isn't magic. Here's what the math actually does, where it works on auth and network data, and where it falls short.
Apr 14, 2026
AI Red Teaming: Techniques for Your First Assessment
Step-by-step methodology for red teaming AI systems: prompt injection, model evasion, data poisoning, and output manipulation. Built for security practitioners.
Apr 14, 2026
AI Red-Teaming for Beginners: Lab Setup to First Findings
Run prompt injection attacks, set up a local LLM lab with Ollama, and map findings to MITRE ATLAS. Practical Python code included for security practitioners.
Apr 13, 2026
Welcome to GTK Cyber
GTK Cyber trains cybersecurity professionals in AI, data science, and machine learning. Hands-on, practical courses built by practitioners, with no fluff.
Apr 10, 2026
AI Skills for Security Pros: What You Need in 2026
Attackers already use AI. Learn which AI skills close the gap, from detection engineering to red teaming, and how to build them without starting from scratch.
Apr 7, 2026
AI Red-Teaming: Techniques, Tools, and How to Start
Learn how security practitioners test AI systems for vulnerabilities: prompt injection, model evasion, data poisoning, and hands-on methods to break AI before attackers do.
Apr 3, 2026
AI Security Vendor Evaluation: A Practitioner's Checklist
Cut through AI security vendor hype with a technical evaluation framework. Test claims, review architectures, and ask the questions vendors hope you skip.
Jun 9, 2021
Automated Advanced Analytics: An Unexpected Tool in the Cyber Arsenal
Security teams generate massive amounts of data. Automated analytics can help separate real threats from noise and detect attacks earlier.
Jun 9, 2021
The Power of Prediction: Machine Learning for Ransomware Prevention
Machine learning can detect ransomware activity before encryption begins by identifying anomalies in system behavior. Here is how it works.