Class Schedule

This course reinforces secure design and secure coding fundamentals grounded in real-world exploitation patterns and the OWASP Top 10, while extending coverage to modern architectures (microservices, service mesh) and AI-era risks (OWASP Top 10 for LLM Applications, agentic systems, MCP security). It also addresses PCI-DSS secure coding expectations relevant to regulated environments, including secure SDLC practices, tokenization, encryption, and access control requirements.

Learning Objectives:

• Apply core secure design and coding principles mapped to common vulnerability classes (OWASP Top 10), including practical prevention and remediation patterns.
• Understand attacker tradecraft and exploit chains relevant to modern applications, including how vulnerabilities are discovered and operationalized.
• Implement browser-side and web platform defenses, including Content Security Policy (CSP) and common hardening patterns.
• Manage third-party and supply chain risk, including dependency hygiene, SBOM concepts, and secure consumption of libraries/components.
• Secure microservice-based systems, including service-to-service authentication/authorization, least privilege, and common distributed-system failure modes that become security issues.
• Explain service mesh security fundamentals (e.g., Istio concepts), including identity, mTLS, policy enforcement, and observability considerations from a security perspective.
• Identify and mitigate AI application risks using the OWASP Top 10 for LLM Applications, including prompt injection, data leakage, insecure output handling, and tool/agent abuse patterns.
• Perform AI threat modeling for LLM-enabled and agentic workflows, including asset identification, trust boundaries, abuse cases, and control selection.
• Apply secure coding best practices for agentic AI systems, including tool-call authorization, constrained execution, secrets handling, output validation, and defense-in-depth for autonomous behavior.
• Assess MCP security concerns, including safe tool exposure, policy enforcement, and integration risks across model-to-tool interfaces.
• Interpret PCI-DSS secure coding expectations for developers, including secure SDLC alignment and practical implications of requirements around tokenization, cryptography, encryption, and access controls.

Prerequisites:

• Completion of the Secure Coding Practices course

Remarks:

• Participants are required to bring company-assigned laptops to this session.
• This is a virtual session. Registered participants will receive MS Teams connection instructions prior to the class.

Intended Audience: ITS & E-commerce Developers

If you are interested in this course but not a member of the intended audience, provide justification to your supervisor and director on how the subject matter aligns with your current role and or future responsibilities. Upon their approval, please email us at its.training@alaskaair.com.

• Thursday, March 12, 2026 from 9:00 AM to 10:30 AMMicrosoft Teams Webinar
• Thursday, March 12, 2026 from 1:00 PM to 2:30 PMMicrosoft Teams Webinar

This course reinforces secure design and secure coding fundamentals grounded in real-world exploitation patterns and the OWASP Top 10, while extending coverage to modern architectures (microservices, service mesh) and AI-era risks (OWASP Top 10 for LLM Applications, agentic systems, MCP security). It also addresses PCI-DSS secure coding expectations relevant to regulated environments, including secure SDLC practices, tokenization, encryption, and access control requirements.

Learning Objectives:

• Apply core secure design and coding principles mapped to common vulnerability classes (OWASP Top 10), including practical prevention and remediation patterns.
• Understand attacker tradecraft and exploit chains relevant to modern applications, including how vulnerabilities are discovered and operationalized.
• Implement browser-side and web platform defenses, including Content Security Policy (CSP) and common hardening patterns.
• Manage third-party and supply chain risk, including dependency hygiene, SBOM concepts, and secure consumption of libraries/components.
• Secure microservice-based systems, including service-to-service authentication/authorization, least privilege, and common distributed-system failure modes that become security issues.
• Explain service mesh security fundamentals (e.g., Istio concepts), including identity, mTLS, policy enforcement, and observability considerations from a security perspective.
• Identify and mitigate AI application risks using the OWASP Top 10 for LLM Applications, including prompt injection, data leakage, insecure output handling, and tool/agent abuse patterns.
• Perform AI threat modeling for LLM-enabled and agentic workflows, including asset identification, trust boundaries, abuse cases, and control selection.
• Apply secure coding best practices for agentic AI systems, including tool-call authorization, constrained execution, secrets handling, output validation, and defense-in-depth for autonomous behavior.
• Assess MCP security concerns, including safe tool exposure, policy enforcement, and integration risks across model-to-tool interfaces.
• Interpret PCI-DSS secure coding expectations for developers, including secure SDLC alignment and practical implications of requirements around tokenization, cryptography, encryption, and access controls.

Intended Audience: ITS & E-commerce Developers

If you are interested in this course but not a member of the intended audience, provide justification to your supervisor and director on how the subject matter aligns with your current role and or future responsibilities. Upon their approval, please email us at its.training@alaskaair.com.

Prerequisites:

• Familiarity with Alaska Air Group applications
• Comprehension of web application concepts (such as HTTP request/response)
• Solid understanding of software development and design

Remarks:

• The course consists of two separate 3.5-hour sessions. You must attend both sessions, in any order.
• The sessions are virtual. Registered participants will receive MS Teams connection instructions prior to the class.
• Approved contractors who code are eligible to attend.

• Wednesday, February 11, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Wednesday, February 11, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar
• Thursday, February 12, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Wednesday, February 18, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar
• Thursday, February 19, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Tuesday, February 24, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar
• Wednesday, February 25, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Wednesday, February 25, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar

This course reinforces secure design and secure coding fundamentals grounded in real-world exploitation patterns and the OWASP Top 10, while extending coverage to modern architectures (microservices, service mesh) and AI-era risks (OWASP Top 10 for LLM Applications, agentic systems, MCP security). It also addresses PCI-DSS secure coding expectations relevant to regulated environments, including secure SDLC practices, tokenization, encryption, and access control requirements.

Learning Objectives:

• Apply core secure design and coding principles mapped to common vulnerability classes (OWASP Top 10), including practical prevention and remediation patterns.
• Understand attacker tradecraft and exploit chains relevant to modern applications, including how vulnerabilities are discovered and operationalized.
• Implement browser-side and web platform defenses, including Content Security Policy (CSP) and common hardening patterns.
• Manage third-party and supply chain risk, including dependency hygiene, SBOM concepts, and secure consumption of libraries/components.
• Secure microservice-based systems, including service-to-service authentication/authorization, least privilege, and common distributed-system failure modes that become security issues.
• Explain service mesh security fundamentals (e.g., Istio concepts), including identity, mTLS, policy enforcement, and observability considerations from a security perspective.
• Identify and mitigate AI application risks using the OWASP Top 10 for LLM Applications, including prompt injection, data leakage, insecure output handling, and tool/agent abuse patterns.
• Perform AI threat modeling for LLM-enabled and agentic workflows, including asset identification, trust boundaries, abuse cases, and control selection.
• Apply secure coding best practices for agentic AI systems, including tool-call authorization, constrained execution, secrets handling, output validation, and defense-in-depth for autonomous behavior.
• Assess MCP security concerns, including safe tool exposure, policy enforcement, and integration risks across model-to-tool interfaces.
• Interpret PCI-DSS secure coding expectations for developers, including secure SDLC alignment and practical implications of requirements around tokenization, cryptography, encryption, and access controls.

Intended Audience: ITS & E-commerce Developers

If you are interested in this course but not a member of the intended audience, provide justification to your supervisor and director on how the subject matter aligns with your current role and or future responsibilities. Upon their approval, please email us at its.training@alaskaair.com.

Prerequisites:

• Familiarity with Alaska Air Group applications
• Comprehension of web application concepts (such as HTTP request/response)
• Solid understanding of software development and design

Remarks:

• The course consists of two separate 3.5-hour sessions. You must attend both sessions, in any order.
• The sessions are virtual. Registered participants will receive MS Teams connection instructions prior to the class.
• Approved contractors who code are eligible to attend.

• Thursday, February 12, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar
• Tuesday, February 17, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Tuesday, February 17, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar
• Wednesday, February 18, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Thursday, February 19, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar
• Tuesday, February 24, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Thursday, February 26, 2026 from 8:30 AM to 12:00 PMMicrosoft Teams Webinar
• Thursday, February 26, 2026 from 1:00 PM to 4:30 PMMicrosoft Teams Webinar

What's a leg? What's a seg? What are OOOI's?  How do pilots know what schedule to fly? What's a codeshare?  Why do people get so freaked out when Visops is down?  What is Visops?

Learn airline operations basics, including terminology, business roles, and responsibilities. Understand the flight lifecycle from scheduling to post-departure. Recognize how ITS systems are used throughout the operation

Course Objectives:

• Introduction to airline operations terminology, business roles, and responsibilities.
• Explain the lifecycle of a flight from scheduling to post-departure.
• Recognize how ITS systems are used throughout the operation.

Intended Audience:

• ITS & e-commerce New Employees

Prerequisites: None

Remarks:

• This class is delivered via MS Teams (virtual webinar). 
• Teams meeting link will be sent to the registered participants prior to the session.

• Please check back soon for class schedule.

In this class, attendees will learn about Alaska’s CARE Team Program, legislation, and legal requirements, and how to support and meet the needs of survivors and guests’ families after an aircraft incident or accident occurs

Intended Audience: Air Group employees

Prerequisites: Manager approval

Remarks: Offered by ASERBC - Emergency Response

• Tuesday, February 10, 2026 from 9:00 AM to 4:00 PMSEA: Flt Trn Ctr - ECC

Learn airline industry jargon and how we sell air travel and ancillaries through our commercial channels. This course is intended to give you a good business and technical insight into how commercial systems work at Alaska Airgroup. 

Learning Objectives:

• Discover the foundations of selling air travel and ancillaries.
• Realize the meaning of terms like PNR, VCR, OA, PSS, etc.
• Explore how the customer journey is organized and described.
• Recognize how air travel is priced and how we handle promotional discounts.
• Identify the various pieces of a travel reservation and how complimentary elite upgrades work.
• Assess the functions of the technical components of the major commercial systems.

Intended Audience:

• All technical and non-technical employees who would like to broaden their understanding of the airline industry and specifically how AAG commercial systems work.

Remarks:

• Laptops are not required
• Teams meeting link will be sent to the registered participants prior to the session.

• Please check back soon for class schedule.

Take your dashboarding skills to the next level and learn how to deliver visually appealing, highly impactful Grafana dashboards with design details that will wow your colleagues.
In this hands-on workshop, Grafana Labs engineers will show you how to design professional-grade dashboards that go beyond basic charts to deliver true operational intelligence.

Learning Objectives:

• Discover how to identify and achieve each dashboard’s purpose
• Guide to choosing the most impactful type of dashboard
• Explore strategies for utilizing visual hierarchy to make dashboards appealing and easy to use
• Participate in live Q&A with Grafana Labs dashboarding experts

Intended Audience:

• ITS Employees and Contractors

Remarks:

• Teams meeting invite will be sent to the registered participants prior to the session.

• Tuesday, February 10, 2026 from 1:00 PM to 3:30 PMMicrosoft Teams Webinar

This three-day beginners class is designed for employees new to Containers, Dockers and Kubernetes. The course consists of a breakdown of introductory concepts of all three.

Course Outline:

• Getting Started with Containers & Kubernetes
• Understanding Immutable Infrastructure
• Lifecycle of a Container
• Building Container Images
• Shipping and Sharing Images
• Using container registries
• Applications on Kubernetes (Pods, Services, Deployments)
• YAML primer
• Effective Interfacing with Kubernetes using Kubectl
• Namespaces and Quotas
• Elasticity and Scaling
• Understanding Ingress
• ConfigMaps and Secrets
• Helm & Kustomize
• Overview of Kubernetes Architecture
• Networking Options
• Security with Secrets, RBAC
• Storage Options & Stateful Sets
• The GitOps Approach

Intended Audience: ITS Employees

Remarks:

• This class is delivered via MS Teams (virtual webinar).
• Registered participants will receive MS Team connection instructions prior to the class.
• Participants are expected to attend all three days of the class.

• Please check back soon for class schedule.

Sabre is the global distribution system that Alaska and hundreds of other airlines use to aggregate flights and passenger records, and tickets. This high-level class will provide an introduction to Sabre and PNRs (Passenger Name Records).

Objectives:

• Learn what Sabre is and how it connects AS to the rest of the travel world
• Discuss the different Sabre environments
• Review the various fields of a guest reservation and a guest ticket
• Identify how both the reservation and ticket are connected

Intended Audience: ITS & E-commerce Employees Only

Remarks:

• This class is delivered via MS Teams (virtual webinar). 
  Registered participants will receive MS Team connection instructions prior to the class 

• Please check back soon for class schedule.

This course is comprised of multiple 90-minute webinar sessions - delivered weekly, over a four-month span. Please do not register unless you can attend all sessions.

Participants will develop knowledge and skills in basic RF theory and radio systems. This course will cover material and topics not included in the Radio License Manual workbook. Specific Alaska systems, installation standards, troubleshooting, regulatory topics, licensing, and more will be covered in depth.

Course Objectives:

• Discover the basics of electronics and radio theory.
• Explore propagation, signals, and feed lines.
• Identify radio equipment and antennas.
• Explain licensing and operating regulations.
• Demonstrate safe and proper installations & troubleshooting.

Intended Audience:

• ITS Employees & Contractors

Remarks:

• Manager approval required.
• Please do not register unless you are willing to attend all sessions. 
  • [ Classes are subject to the needs of the operation and we will flex accordingly ]
  • This is a series of classes delivered once weekly for approximately 18 weeks.
• Teams meeting link will be sent to the registered participants prior to the session.

• Friday, February 27, 2026 from 1:00 PM to 2:30 PMMicrosoft Teams Webinar
  This class continues on:
  Fri 3/6/2026 from 1:00 PM to 2:30 PM
  Fri 3/13/2026 from 1:00 PM to 2:30 PM
  Fri 3/20/2026 from 1:00 PM to 2:30 PM
  Fri 3/27/2026 from 1:00 PM to 2:30 PM
  Fri 4/3/2026 from 1:00 PM to 2:30 PM
  Fri 4/10/2026 from 1:00 PM to 2:30 PM
  Fri 4/17/2026 from 1:00 PM to 2:30 PM
  Fri 4/24/2026 from 1:00 PM to 2:30 PM
  Fri 5/1/2026 from 1:00 PM to 2:30 PM
  Fri 5/8/2026 from 1:00 PM to 2:30 PM
  Fri 5/15/2026 from 1:00 PM to 2:30 PM
  Fri 5/22/2026 from 1:00 PM to 2:30 PM
  Fri 5/29/2026 from 1:00 PM to 2:30 PM