Tuition Fee: Not Available
Start Date: Not Available
Medium of Studying: Not Available
Duration: Not Available

Program Details

Degree: Courses
Major: Cybersecurity | Information Technology | Network Security
Area of Study: Information and Communication Technologies | Security Services
Course Language: English
About Program

Security Operation Center (SOC) Analyst Training Program

Overview
The Security Operation Center (SOC) Analyst Training program is tailored for individuals seeking to join a security operations center (SOC) team and for current SOC analysts looking to enhance their skills. The program provides comprehensive training on SOC operations, log management and correlation, SIEM deployment, and advanced incident detection and response.

Course Details

This course is divided into 8 modules:
Module 1: Introduction to SOC

  • Overview of the role and purpose of a SOC
  • Key functions and responsibilities of a SOC
  • Understanding the different roles and processes within the SOC organization
  • Introduction to key technologies and tools used by SOC teams

Module 2: Understanding Cyber Threats and Attack Methodology

  • Emerging cyber threats and the threat spectrum
  • Understanding Indicators of Compromise (IoCs)
  • Familiarization with different types of attack methodologies

Module 3: SIEM, EDR and Firewall Deployments

  • Open-source Security Information and Event Management (SIEM) deployment and configuration
  • Open-source Endpoint Detection and Response (EDR) deployment and configuration
  • Firewall deployment and configuration
  • Integration of SIEM with firewalls and EDRs
  • Log collection and event handling
  • Cyber incidents and alarms
  • Asset categorization
  • Audit, Compliance, and vulnerability assessment

Module 4: Incident Detection and Threat Intelligence

  • Use of Cyber Threat Intelligence (CTI) with SIEM solution
  • MITRE ATT&CK and its integration with SIEM solution
  • Advanced threat detection using the predictive capabilities of CTI

Module 5: Incident Response and Mitigation

  • Steps involved in responding to a security incident
  • Triage and prioritization of incidents
  • Gathering and analyzing data
  • Communicating with other teams and stakeholders
  • Use of incident response plans and playbooks

Module 6: Network and Host-based Security

  • Fundamentals of network and host-based security
  • Understanding common security protocols
  • Familiarization with different types of firewalls and intrusion detection/prevention systems (IDS/IPS)
  • Implementing security controls for network and host-based systems

Module 7: SOC Operations and Management

  • Understanding the day-to-day operations of a SOC
  • Familiarization with different types of SOC tools and technologies
  • Understanding the importance of incident management and incident response
  • Best practices for SOC operations and management

Module 8: Capstone Project

  • Hands-on application of knowledge and skills learned during the training
  • Use of different tools and technologies to simulate a real-world cyber incident
  • Analysis and response to the simulated incident
  • Presentation of findings and recommendations

Who Should Participate?

  • Current and aspiring Tier I and Tier II SOC analysts who want to achieve proficiency in SOC operations
  • Individuals who want to create new career opportunities by developing extensive knowledge and enhanced capabilities for contributing to a SOC team
  • Security professionals who want to learn about the latest tools, techniques, and best practices for detecting and responding to cyber threats
  • IT professionals who want to learn about the practical aspects of SIEM, log management, and incident response