GTK Cyber runs three courses at Black Hat USA 2026 (Mandalay Bay, Las Vegas, August 1-4). They cover different ground for different people, and picking the wrong one wastes your money and your week. This is a straight guide to which fits you, including who each course is not for.
The three courses at a glance
- Applied Data Science and AI for Cybersecurity: two identical 2-day sessions (August 1-2 and August 3-4), intermediate, hands-on machine learning on security data.
- AI Cyber Bootcamp: 4 days, the same data science foundation plus generative AI, LLMs, AI agents, and adversarial AI.
- A Cyber Executive’s Guide for Artificial Intelligence: 1 day (August 3), for leaders, no code.
All three are taught by working practitioners: Charles Givre (CISSP, Apache Drill PMC Chair, 20-plus years) and Summer Rankin (PhD, 30-plus peer-reviewed publications). All are vendor-neutral, because we sell training, not a product.
Applied Data Science: the two-day technical core
Take this one if you are a SOC analyst, threat hunter, detection engineer, or security engineer who wants to apply machine learning to security data and has two days rather than four. Over the two days you work real security datasets in Jupyter, build classification and anomaly-detection models, and leave with notebooks you keep and can adapt to your own data. It runs on the Centaur VM with everything pre-loaded.
It is intermediate. You should be comfortable reading Python and running scripts. You do not need prior ML experience.
Who it is not for: people who want LLMs, prompt injection, and AI agents. That content lives in the Bootcamp, not here. Also not for absolute non-coders; if you will not write code, this is the wrong room.
See the Applied Data Science course page or the Black Hat session details.
AI Cyber Bootcamp: the full four days
Take this if you want the whole progression and can commit all four days. The Bootcamp includes the data science foundation from the two-day course, then goes further: generative AI and LLMs, building AI agents for security work, and adversarial AI, which means evasion, data poisoning, prompt injection, and RAG poisoning. If your job is heading toward AI red teaming or building AI-driven security tooling, this is the deeper track.
Same intermediate bar: comfortable reading Python, no prior ML required. The difference from the two-day course is scope and time, not difficulty of entry.
Who it is not for: someone who only needs the classical ML foundation and cannot spare four days. In that case the two-day Applied Data Science course covers the core and gets you back to work sooner. Also not for non-technical leaders; four days of labs is not the right use of a CISO’s week.
See the AI Cyber Bootcamp course page or the Black Hat Bootcamp details.
Executive Guide: one day, no code
Take this if you are a CISO, director, or other leader who has to make decisions about AI (approving projects, evaluating vendors, setting governance and risk policy) but will not personally write the code. It is one day, August 3, and there is no programming. The focus is governance, risk, and how to evaluate AI vendors and their claims without getting sold to.
Who it is not for: engineers who want to build things. You will be bored, and you will not touch a keyboard in anger. The technical courses are built for you instead.
See the Executive Guide course page.
Quick decision
- Hands-on, two days, classical ML on security data: Applied Data Science.
- Hands-on, four days, ML plus LLMs, agents, and adversarial AI: AI Cyber Bootcamp.
- Leadership, one day, governance and vendor evaluation, no code: Executive Guide.
Still unsure between the two technical courses? The dividing line is time and scope: two days for the data science core, four days if you also want the AI, agents, and adversarial material. Both start from the same intermediate prerequisite.
Compare dates and reserve a seat on the GTK Cyber events page. For teams of three or more, email info@gtkcyber.com about group rates.