# AINS6300: AI in Threat Detection

**Aurnova MSAI track:** Cybersecurity AI  
**Credits:** 3  
**Format:** 8-week online graduate course

Applies AI to telemetry, anomaly detection, threat intelligence, detection engineering, and SOC integration.

This course follows the Aurnova/Castalia course-site pattern used by AINS6003: each module includes book prose, an assignment notebook, slide notebook, narration, instructor notes, and an executable lab.

## Course Outcomes

By the end of the course, students will be able to:

- explain the major concepts and tradeoffs in AI in Threat Detection;
- build or evaluate applied AI artifacts aligned with the course domain;
- document assumptions, evidence, limitations, and operational risks;
- connect technical work to governance, stakeholder needs, and deployment readiness.

## Module Map

1. **Security telemetry and threat models** — What signals reveal malicious behavior?
2. **Anomaly detection foundations** — How can models detect unknown patterns?
3. **Malware and network behavior analysis** — What features distinguish hostile activity?
4. **Threat intelligence and enrichment** — How does external intelligence improve detection?
5. **Detection engineering and evaluation** — How do we measure detection quality?
6. **Adversarial behavior and evasion** — How do attackers adapt to detectors?
7. **Security operations integration** — How do detections become action?
8. **Threat detection portfolio** — What evidence supports deployment?