Hasso-Plattner-Institut25 Jahre HPI
Hasso-Plattner-Institut25 Jahre HPI

Emerging Technologies for Security Operations (Sommersemester 2024)

Dozent: Dr. Feng Cheng (Internet-Technologien und -Systeme) , Pejman Najafi (Internet-Technologien und -Systeme)

Allgemeine Information

  • Semesterwochenstunden: 4
  • ECTS: 6
  • Benotet: Ja
  • Einschreibefrist: now till 15.04.2024
  • Prüfungszeitpunkt §9 (4) BAMA-O: 13.05.2024
  • Lehrform: Seminar / Projekt
  • Belegungsart: Wahlpflichtmodul
  • Lehrsprache: Englisch
  • Maximale Teilnehmerzahl: 12

Studiengänge, Modulgruppen & Module

IT-Systems Engineering MA
Cybersecurity MA
  • SECA: Security Analytics
    • HPI-SECA-K Konzepte und Methoden
  • SECA: Security Analytics
    • HPI-SECA-T Techniken und Werkzeuge
  • SECA: Security Analytics
    • HPI-SECA-S Spezialisierung
  • CYAD: Cyber Attack and Defense
    • HPI-CYAD-K Konzepte und Methoden
  • CYAD: Cyber Attack and Defense
    • HPI-CYAD-T Techniken und Werkzeuge
  • CYAD: Cyber Attack and Defense
    • HPI-CYAD-S Spezialisierung
Software Systems Engineering MA
Data Engineering MA


Recent advances in big data and artificial intelligence have led to many significant and substantial changes in today's digital landscape. The penetration of these emerging technologies into cybersecurity, and more specifically into enterprise cyber defense, is highly anticipated, but unfortunately still very limited at the moment. This seminar aims to review the state of the art of Enterprise Security Operation Centers (SOC), teach and train essential knowledge and skills for various phases/roles in the SOC, and explore the possibilities of leveraging emerging technologies towards an advanced and automated SOC.

Important Notices:

  • Due to the limit of capacity, we can only offer max. 12 positions for this course.If you have the interest, please write an email NOW to feng.cheng AT hpi.de (First Come, First Served)
  • The introductionary session is scheduled on April 08, 2024 in Room G1-E.15/16 (HPI Campus III).


  • Knowledge and skill on security of applications, OS, networking,
  • You have known or the interests to know what the following terms mean:
    • IDS, SOC, MDR, SIEM, SOAR, EDR, NDR, XDR, etc.
    • Splunk, Elastic, CrowdStrike, Microsoft Defender, Microsoft Sentinel, etc
    • CTI, NVD, CVE, CPE, etc.


Lern- und Lehrformen

  • Tutorial sessions
  • Guided practical tasks
  • Individual weekly project meetings


  • Presentations & demonstrations (PoC Implementations): 3 times (80%)
  • technical report (20%)


  • 08.04.2024 13:30pm
    • Introductory session, G1-E.15/16
  • 15.04.2024 13:30pm
    • Subscription Deadline (by Studienreferat)
    • Team building
    • Infrastructure Provision
  • 22.04.2024 13:30pm
    • Tutorial Session 1
  • 23.04.-12.05.2024: Phase I
  • 13.05.2024 13:30pm
    • Joint presentation session (check-point 1 <= Prüfungstermin)
  • 14.05.-16.06.2024: Phase II
  • 17.06.2024 13:30pm
    • Joint presentation session (check point 2)
  • 18.06.-14.07.2024: Phase III
  • 15.07.2024 13:30pm
    • Joint presentation session (Final)
    • Gather-Together BBQ
  • Notes:
    • This is only a preliminary schedule and is subject to change (most likely there will be changes ;-) ).
    • The detailed plan, including milestones and timelines, will be available in the introductory session.
    • This page will not be updated after the team building. Further information will be then available only within the internal space on HPI-Gitlab..