This micro-course can be applied toward the AI Skills Accelerator for IT, Digital and Enterprise Systems Professionals and is the introductory level 2 micro-course in the AI and Cybersecurity track.
Building on foundational AI cybersecurity knowledge, this proficiency level micro-course empowers IT and digital professionals to implement and manage real-time AI-driven threat detection systems. Develop practical skills in deploying AI security solutions, fine-tuning detection algorithms and responding to AI-generated security alerts effectively within enterprise environments.
By the end of this course, you will be able to:
- Deploy and configure real-time AI threat detection systems
- Integrate AI-powered threat intelligence into existing security infrastructure
- Design automated response workflows for common threat scenarios
- Optimize detection algorithms to reduce false positives
- Perform root-cause analysis on security incidents and system alerts
- Measure and report on AI security system performance metrics
- Implement advanced security tools including Suricata, Zeek, and Wazuh with ELK Stack
- Deploy AI models in network security contexts
- Integrate AI capabilities with SIEM/SOAR platforms
- Understand AI vulnerabilities and adversarial machine learning risks
- Apply AI forensics techniques for evidence collection and analysis
Platform and tool selection varies and is regularly updated to reflect current industry trends. Students can expect to interact with:
- Advanced SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel)
- Network security tools (Suricata, Zeek/Bro)
- Security information management (Wazuh + ELK Stack)
- AI threat detection engines (Darktrace, Vectra, CrowdStrike)
- Security orchestration and automated response (SOAR) platforms
- Threat intelligence feeds and APIs
- Machine learning model deployment tools for security
- AI forensics and evidence collection platforms
Course outline
- Module 1: AI security fundamentals refresher
- Module 2: AI in threat detection: Phishing, malware, anomaly detection
- Module 3: Tooling deep dive: Suricata, Zeek, Wazuh + ELK Stack
- Module 4: Deploying models in network contexts
- Module 5: AI integration with SOC tools (SIEM/SOAR)
- Module 6: AI vulnerabilities and adversarial machine learning
- Module 7: AI forensics and evidence
- Mini-Capstone project and wrap-up
How am I assessed?
You will be assessed on successfully completing weekly activities, including exercises, quizzes, applied case study projects (based on real-life scenarios) and your contributions to discussion posts. These activities are marked using a proficiency scale, and your instructor provides you informal feedback during live online sessions.
While you are not assessed on your attendance of the live online sessions, we encourage you to attend so you can learn and interact with your instructor and other participants. All sessions are recorded in case you miss one.
This micro-course operates on a pass/fail basis. You must achieve an overall grade of 70% or greater to pass and be eligible to earn the UBC Certificate in AI Skills Accelerator for IT, Digital and Enterprise Systems Professionals.
Expected effort
Expect to spend approximately 14 hours per week per course completing all learning activities, including attending live sessions online.
Requisites
Recommend completion of AI and Cybersecurity 1: Introduction or equivalent foundational AI cybersecurity knowledge.
Course format
This 100% online part-time program consists of instructor-supported real-time classes combined with independent study.
Each micro-course will consist of a weekly virtual class taught by subject matter experts and a high degree of personal engagement and interactivity. Outside of class, you can access online materials on your own time.
One business day before the micro-course start date, we'll email you step-by-step instructions for accessing your micro-course.