Introduction:

The Security Operations Center (SOC) Analyst Training program is tailored for individuals seeking to join a security operations center (SOC) team and for current SOC analysts looking to enhance their skills. The program provides comprehensive training on SOC operations, log management and correlation, SIEM deployment, advanced incident detection, and response. Through a combination of theoretical knowledge and hands-on practice, the program equips participants with the skills to identify and validate intrusion attempts, use SIEM solutions, and anticipate potential threats using threat intelligence. Candidates will also learn about the latest tools and techniques for identifying and mitigating cyber threats, as well as how to develop intelligence requirements and create Indicators of Compromise (IOCs). Through instruction by experienced trainers, participants will gain a comprehensive understanding of cyber security and the ability to contribute effectively to a SOC team. Upon completion of the course, participants will be able to monitor and respond to potential cyber-attacks and contribute to the protection of their organization's network security.

Enroll now to take the first step in joining a security operations center and stay ahead in the ever-evolving cyber security landscape.

Course Details:

This course is divided into 8 modules:

Module 1: Introduction to SOC
  • Overview of the role and purpose of a SOC
  • Key functions and responsibilities of a SOC
  • Understanding the different roles and processes within the SOC organization
  • Introduction to key technologies and tools used by SOC teams
Module 2: Understanding Cyber Threats and Attack Methodology
  • Emerging cyber threats and the threat spectrum
  • Understanding Indicators of Compromise (IoCs)
  • Familiarization with different types of attack methodologies
Module 3: SIEM, EDR and Firewall Deployments
  • Open-source Security Information and Event Management (SIEM) deployment and configuration
  • Open-source Endpoint Detection and Response (EDR) deployment and configuration
  • Firewall deployment and configuration
  • Integration of SIEM with firewalls and EDRs
  • Log collection and event handling
  • Cyber incidents and alarms
  • Asset categorization
  • Audit, Compliance, and vulnerability assessment
Module 4: Incident Detection and Threat Intelligence
  • Use of Cyber Threat Intelligence (CTI) with a SIEM solution
  • MITRE ATT&CK and its integration with a SIEM solution
  • Advanced threat detection using the predictive capabilities of CTI
Module 5: Incident Response and Mitigation
  • Steps involved in responding to a security incident
  • Triage and prioritization of incidents
  • Gathering and analyzing data
  • Communicating with other teams and stakeholders
  • Use of incident response plans and playbooks
Module 6: Network and Host-based Security
  • Fundamentals of network and host-based security
  • Understanding common security protocols
  • Familiarization with different types of firewalls and intrusion detection/prevention systems (IDS/IPS)
  • Implementing security controls for network and host-based systems
Module 7: SOC Operations and Management
  • Understanding the day-to-day operations of a SOC
  • Familiarization with different types of SOC tools and technologies
  • Understanding the importance of incident management and incident response
  • Best practices for SOC operations and management
Module 8: Capstone Project
  • Hands-on application of knowledge and skills learned during the training
  • Use of different tools and technologies to simulate a real-world cyber incident
  • Analysis and response to the simulated incident
  • Presentation of findings and recommendations

Who Should Participate?

  • Current and aspiring Tier I and Tier II SOC analysts who want to achieve proficiency in SOC operations.
  • Individuals who want to create new career opportunities by developing extensive knowledge and enhanced capabilities for contributing to a SOC team.
  • Security professionals who want to learn about the latest tools, techniques, and best practices for detecting and responding to cyber threats.
  • IT professionals who want to learn about the practical aspects of SIEM, log management, and incident response.