
Setting Up Your Claude Workspace

2-3 hours · Module 0 · Free
What you already know
Section 0.2 defined the five failure modes that make unsupervised AI output dangerous. This section configures the workspace that makes AI output useful. By the end, you have a Claude Project with a security-specific system prompt, a prompt library ready for Module 1, and a clear understanding of which Claude surface to use for each security task type.

Scenario

You open Claude to investigate a phishing alert. You type your investigation prompt, the same prompt you have used before, and Claude asks you to clarify what SIEM you are using, what KQL tables are available, and whether you want technical or executive-level output. You have had this conversation 50 times. Each time, you spend the first two minutes providing the same context. A Project with a well-crafted system prompt eliminates that re-briefing. Claude starts every conversation already knowing your SIEM platform, your preferred output format, your detection rule standards, and your validation requirements. The 2 minutes you save per interaction compound to hours per week.

What you need

A Claude account. The free tier works for most exercises in this course. Claude Projects are available to all users. Free accounts can create up to 5 projects. Claude also has persistent memory across sessions on all tiers, including free: it remembers your name, preferences, and ongoing project context without you re-stating them. Claude Pro ($20/month) adds unlimited projects, higher usage limits, and access to Adaptive Reasoning (Claude decides how deeply to think based on task complexity) and Claude Opus. Pro is recommended for Modules 3 and 4, where deeper reasoning improves output quality for detection engineering and IR documentation tasks.

Your existing security environment (recommended, not required). Investigation, detection engineering, and automation modules produce better learning outcomes when you apply them to real log data. Any of the following works: a SIEM with log data (Sentinel, Splunk, Elastic), an EDR console with endpoint telemetry, or a cloud security platform (Defender for Cloud, Prisma Cloud, AWS Security Hub). If you do not have access to a production environment, every exercise includes sample data sufficient to complete the task. The course uses Microsoft 365, Sentinel, and Defender XDR for its worked examples because these are the most widely deployed enterprise security platforms. The AI methodologies (prompt patterns, validation workflows, and investigation templates) apply to any security platform. If you use Splunk, adapt the KQL examples to SPL. If you use Elastic, adapt to EQL. The structural patterns and methodology transfer cleanly regardless of query language.

Create your course Project

Open Claude and create a new Project dedicated to this course. The Project ensures that every conversation within it starts with the same context: your environment details, your output preferences, and your validation requirements. No re-briefing is required; every conversation starts from a shared understanding of your environment.

Project name: "Security Operations: AI Course"

Project Instructions: Paste the following system prompt into the Project instructions field. Adapt the environment context section to match your actual tools.

Prompt Pattern

Pattern: Security workspace system prompt

When to use: As the Project Instructions for your course workspace. It adapts every conversation to your security context.

You are assisting a cybersecurity professional building AI-assisted security operations capabilities.

Environment: Primary SIEM: Microsoft Sentinel | EDR: Microsoft Defender for Endpoint | Identity: Microsoft Entra ID | Query language: KQL

Output requirements: KQL queries include inline comments | Detection rules include ATT&CK technique ID | IR reports follow structured template format | All output is production-ready and verifiable | US English

Behaviour: Deliver output directly: no preamble or unnecessary caveats | Flag when output requires expert review | Flag assumptions about the environment | Include verification steps with every query, script, and rule

Adaptation: Replace the Environment line with your actual tools. If you use Splunk, change to "Query language: SPL". If you use Elastic, change to "Query language: EQL/KQL". The rest of the prompt applies regardless of platform.

The system prompt works because it eliminates the three most common sources of wasted interaction time. First, platform ambiguity. Without the environment line, Claude defaults to whichever platform appears most frequently in its training data, which may not be yours. An analyst using Sentinel who gets Splunk SPL in their first response wastes the entire interaction on format correction. Second, format inconsistency. Without output requirements, Claude generates queries without comments, rules without ATT&CK mappings, and reports in whatever structure it considers default. Every conversation becomes a negotiation about format before you can address the actual security task. Third, unnecessary hedging. Without the behaviour line, Claude wraps every response in caveats about seeking professional advice, consulting with your security team, and checking with legal counsel. These caveats are appropriate for a general audience. They waste space when you are the security professional who already understands the operational context.

The system prompt is a starting point. You will refine it throughout the course as you discover additional context that improves Claude's output for your specific environment. Module 2 may reveal that you need to add your Sentinel workspace's custom table names. Module 3 may reveal that you need to specify your organization's detection rule naming convention. Each refinement makes the workspace more valuable.

Here is how the iteration works in practice. You use the workspace for a week and notice that Claude generates KQL queries using has when your field values require exact match with ==. You add a line to your system prompt: "For UPN and IP address fields, use == for exact match. Reserve has for display name and freetext fields." The next investigation query Claude generates uses the correct operator. That one-line addition saves you a correction on every query for the rest of the course. By Module 10, your system prompt is a comprehensive briefing document shaped by your specific environment, your tools, and your experience with Claude's tendencies. It is the most valuable artifact the course produces because it compounds every improvement across every subsequent interaction.

Choosing the right surface for each task

Claude is available through multiple surfaces, each suited to different security tasks. Understanding which surface to use for which task prevents the common mistake of forcing all security work through a single interface.

Claude.ai (web or desktop app) is the primary surface for this course. Investigation analysis, detection rule drafting, report generation, policy writing, and governance framework development all happen here. The Project feature ensures persistent context across every conversation within the project. Adaptive Reasoning, available on Pro and higher plans, lets Claude decide how deeply to reason based on task complexity. For complex multi-step analysis (building investigation queries that join across multiple tables, validating detection rule logic against attack chains), Claude engages deeper reasoning automatically. For straightforward tasks, it responds directly without the overhead. Most course exercises work with standard conversations. Adaptive Reasoning adds value in Modules 3 and 4 where detection engineering and IR documentation benefit from deeper analysis.

Claude Code is the terminal-native surface for security scripting and automation. Module 5 uses Claude Code extensively for generating PowerShell scripts, Python automation, and KQL rule management. Claude Code reads a CLAUDE.md file from your project directory, which provides repository-specific instructions that shape every interaction. For a security automation repository, your CLAUDE.md specifies coding standards (strict mode for PowerShell, type hints for Python, error handling required), authentication patterns (certificate-based auth for Graph, never interactive login in production scripts), and RBAC documentation requirements (every script header documents the minimum permissions required). Claude Code also supports Agent View for managing multiple concurrent sessions and agent teams for parallelising complex tasks across sub-agents.

If you plan to use Claude Code during the course, create a directory for your security scripts and add a basic CLAUDE.md now. You do not need to install Claude Code to complete the course: the exercises provide alternative approaches for every Claude Code task. But if you do use it, the CLAUDE.md file ensures that every script Claude Code generates follows your standards from the first interaction, without you needing to specify them each time.

Cowork is Claude's desktop agent for delegated file tasks. Available on all paid plans for macOS and Windows, Cowork accesses folders you explicitly share and can read, create, and modify files autonomously. For security work, Cowork handles evidence file processing, report compilation from multiple sources, and batch document generation. You will encounter Cowork in Module 4 (IR documentation) and Module 5 (automation) where delegating file-heavy tasks to Cowork while you continue investigating is a practical force multiplier.

Connectors extend Claude's reach into your existing tools. In Claude.ai, you can enable connectors for Gmail, Google Drive, GitHub, Slack, Asana, and other platforms. For security work, the most valuable connectors are email (for phishing analysis and alert investigation in Modules 2 and 4) and document storage (for accessing investigation evidence, runbooks, and policy documents during conversations). Configure connector permissions conservatively: allow search and read access, restrict send, delete, and modify actions. This permission model follows the principle of least privilege that you already apply to service accounts and application registrations in your security environment. Module 7 covers the governance framework for connector permissions in organizational deployments.

Claude Security is Anthropic's code scanning tool, launched in public beta as part of Project Glasswing. It scans repositories, traces data flows, analyses interdependencies, triages vulnerabilities by severity, and generates patches. Module 9 covers Claude Security in the context of defensive AI capabilities. If your organization participates in the Cyber Verification Program, you have access to additional specialised scanning harnesses and threat model builders that go beyond the public beta.

Data handling boundaries

Before using Claude for security work, establish clear boundaries about what data you will and will not share with AI systems. This is not a theoretical governance exercise. It is a practical decision that affects every interaction in this course and every operational use afterward. Module 7 covers AI governance comprehensively. This section establishes the minimum boundaries you need before Module 1.

Safe to share: sanitized log excerpts with usernames replaced by placeholders, detection rule logic without environment-specific details, report templates and document structures, policy frameworks and governance documents, query syntax questions with generic examples. These contain no data that could compromise your organization if exposed. The course exercises use this approach throughout. Northgate Engineering scenarios provide realistic context without requiring you to share actual organizational data.

Requires judgment: investigation context that includes internal IP ranges, domain names, or application names. These are low-sensitivity in isolation but could contribute to reconnaissance if combined with other information. Use your organization's data classification policy to decide. When in doubt, sanitize. A simple find-and-replace that converts internal domains to placeholder names (corp.example.com) and internal IPs to RFC 5737 documentation addresses (198.51.100.x) takes 30 seconds and eliminates the risk entirely without reducing the quality of AI analysis.

Never share: production credentials, API keys, full unredacted log exports, PII from investigations, active incident details that could reveal defensive posture, and classified or restricted information. Claude's data policies vary by plan. Team and Enterprise plans provide no-training-by-default, but the data still transits Anthropic's infrastructure during processing. Treat Claude like any other third-party SaaS tool and apply your organization's vendor data handling policies consistently.

Data Handling Boundaries: What to Share with AI Systems

SAFE TO SHARE: Sanitized log excerpts; Detection rule logic (generic); Report/policy templates; Query syntax questions; Governance frameworks

REQUIRES JUDGMENT (sanitize or use placeholders): Internal IP ranges; Internal domain names; Application names; Non-public org structure

NEVER SHARE: Production credentials / API keys; Unredacted log exports; PII from investigations; Active incident details; Classified / restricted data

Figure 0.4: Data handling boundaries for AI-assisted security work. Apply your organization's data classification policy.

Verify your setup

Test your workspace with a quick verification. Open your course Project in Claude.ai and paste this prompt:

"I need to investigate a suspicious sign-in. The user j.morrison signed in from IP 198.51.100.44, which resolves to a Netherlands hosting provider. The user normally signs in from UK residential IPs. What are my investigation steps? Include KQL queries for Sentinel."

Evaluate Claude's response against three criteria. First, does it provide structured investigation steps in a logical order, checking the sign-in details before broadening to related activity? A good response starts with the specific sign-in event, then expands to historical patterns for the same user, then checks for lateral movement indicators. A poor response jumps immediately to "block the IP" without establishing whether the sign-in was successful, whether MFA was challenged, or whether the user might be traveling.

Second, does it generate KQL queries that reference real Sentinel tables (SigninLogs, AADNonInteractiveUserSignInLogs) with correct field names (IPAddress, UserPrincipalName, ResultType)? Run the schema verification from section 0.1 on any table name you do not recognize. This is the first application of the validation discipline.

Third, does it include verification caveats, flagging where you need to check the output against your environment rather than assuming the query will work without validation? A well-calibrated system prompt produces responses where Claude distinguishes between what it can determine from the input ("the IP resolves to a hosting provider, which is anomalous for a user who normally signs in from residential IPs") and what it cannot ("you need to verify whether j.morrison has legitimate reasons to connect from hosting infrastructure, such as VPN use or travel").

If Claude asks you what SIEM you use or what format you prefer, your system prompt is not loaded. Check that you started the conversation inside your Project, not in a regular chat. In Claude.ai, Projects appear in the left sidebar. Conversations started from the Project inherit its instructions automatically. Conversations started from the main chat do not.

Save this conversation as your baseline. You will compare it against your results in later modules to measure how your prompting skills and system prompt refinements improve output quality over time.

Anti-Pattern

Sharing production credentials with AI

An analyst investigating a cloud compromise pastes a full Azure AD sign-in log export, including the tenant ID, all user UPNs, internal application IDs, and Conditional Access policy names, into Claude for analysis. The investigation data now transits a third-party SaaS platform. Even on plans with no-training guarantees, the data is processed by Anthropic's infrastructure. The correct approach: sanitize the log before sharing. Replace UPNs with placeholders (user-01, user-02), redact tenant IDs, and use generic application names. The analysis quality is identical. The data exposure risk drops to zero.
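
The find-and-replace sanitization described under "Requires judgment" and in this anti-pattern, as an added Python example that is not part of the course material. It goes beyond a single replace by keeping placeholders stable, so the same user, GUID, or host still correlates across lines, and it adds a residual check to run before pasting. The domains northgate.example and corp.northgate.example, the sample lines, and all function names are constructed for illustration; "internal" is assumed to mean RFC 1918 space, and every GUID is treated as sensitive.

```python
import ipaddress
import re

UPN_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
GUID_RE = re.compile(r"\b[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\b")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(text):
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:  # looks like an IP but is not one (e.g. 999.1.1.1)
        return False
    return any(addr in net for net in RFC1918)

class LogSanitizer:
    """Swap identifying values for stable placeholders so correlation survives."""

    def __init__(self, internal_domains):
        # Longest first, so a subdomain is replaced whole rather than partially.
        names = sorted(internal_domains, key=len, reverse=True)
        self.domain_re = re.compile("|".join(map(re.escape, names)), re.I)
        self.aliases = {"user": {}, "guid": {}, "ip": {}}

    def _alias(self, kind, value, template):
        table = self.aliases[kind]
        key = value.lower()  # UPNs and GUIDs compare case-insensitively
        if key not in table:
            if kind == "ip" and len(table) >= 254:
                raise ValueError("more internal IPs than 198.51.100.0/24 can hold")
            table[key] = template.format(len(table) + 1)
        return table[key]

    def sanitize(self, text):
        text = UPN_RE.sub(lambda m: self._alias("user", m[0], "user-{:02d}"), text)
        text = GUID_RE.sub(lambda m: self._alias("guid", m[0], "guid-{:02d}"), text)
        text = IPV4_RE.sub(lambda m: self._alias("ip", m[0], "198.51.100.{}")
                           if is_internal(m[0]) else m[0], text)
        return self.domain_re.sub("corp.example.com", text)

def residual_findings(text, internal_domains):
    """Verification pass: anything returned here must be fixed before sharing."""
    hits = UPN_RE.findall(text) + GUID_RE.findall(text)
    hits += [ip for ip in IPV4_RE.findall(text) if is_internal(ip)]
    hits += [d for d in internal_domains if d.lower() in text.lower()]
    return hits

# Constructed domains and log lines (hypothetical), not real telemetry.
INTERNAL_DOMAINS = ["northgate.example", "corp.northgate.example"]
SAMPLE = (
    "upn=J.Morrison@northgate.example tid=3f2a9c1e-7b44-4d2a-9e10-5c6d7e8f9a0b ip=203.0.113.7\n"
    "upn=j.morrison@northgate.example tid=3F2A9C1E-7B44-4D2A-9E10-5C6D7E8F9A0B ip=10.20.30.40\n"
    "src=10.20.30.40 dst=192.168.5.9 host=fs01.corp.northgate.example\n")
```

Call `LogSanitizer(INTERNAL_DOMAINS).sanitize(SAMPLE)` and share the result only when `residual_findings` on it returns an empty list. Hostnames, free-text fields, and application names are not covered by these patterns and still need a manual read.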

AI Operations Principle

A well-configured workspace eliminates the context tax: the 2 minutes per conversation spent re-explaining your environment, your tools, and your preferences. A Claude Project with a security-specific system prompt ensures that every conversation starts with Claude already briefed on your platform, your output requirements, and your validation standards. Configure the workspace once, benefit from the time savings in every subsequent interaction.

Next
Section 0.4 is your first AI-assisted investigation. You will use the workspace you just configured to investigate an AiTM account compromise, applying the five-check validation from section 0.2 to real KQL output.