Security Operations Analyst 1

Introduction to SOC Analyst 1

In the Security Operations Center (SOC) Analyst 1 role, also called the Junior Security Analyst role, you act as a Triage Specialist: a significant portion of your time is spent monitoring event logs and alerts and triaging what they raise.
The responsibilities of a Junior Security Analyst or Tier 1 SOC Analyst include the following:
  • Monitor and investigate alerts (most of the time, it’s a 24 x 7 SOC operations environment)
  • Configure and manage security tools
  • Develop and implement IDS signatures
  • Escalate the security incidents to the Tier 2 and Team Lead if needed

Section 1 – Cyber Defense Frameworks

  • Junior Security Analyst Intro
  • Pyramid Of Pain
  • Cyber Kill Chain
  • Unified Kill Chain
  • Diamond Model
  • MITRE
  • Summit
  • Eviction

Section 2 – Cyber Threat Intelligence

  • Intro to Cyber Threat Intel
  • Threat Intelligence Tools
  • Yara
  • OpenCTI
  • MISP
  • Friday Overtime
  • Trooper

Section 3 – Network Security and Traffic Analysis

  • Traffic Analysis Essentials
  • Snort
  • Snort Challenge – The Basics
  • Snort Challenge – Live Attacks
  • NetworkMiner
  • Zeek
  • Zeek Exercises
  • Brim
  • Wireshark: The Basics
  • Wireshark: Packet Operations
  • Wireshark: Traffic Analysis
  • TShark: The Basics
  • TShark: CLI Wireshark Features
  • TShark Challenge I: Teamwork
  • TShark Challenge II: Directory

Section 4 – Endpoint Security Monitoring

  • Intro to Endpoint Security
  • Core Windows Processes
  • Sysinternals
  • Windows Event Logs
  • Sysmon
  • Osquery: The Basics
  • Wazuh
  • Monday Monitor
  • Retracted

Section 5 – Security Information and Event Management

  • Introduction to SIEM
  • Investigating with ELK 101
  • ItsyBitsy
  • Splunk: Basics
  • Incident handling with Splunk
  • Investigating with Splunk
  • Benign

Section 6 – Digital Forensics and Incident Response

  • DFIR: An Introduction
  • Windows Forensics 1
  • Windows Forensics 2
  • Linux Forensics
  • Autopsy
  • Redline
  • KAPE
  • Volatility
  • Velociraptor
  • TheHive Project
  • Intro to Malware Analysis
  • Unattended
  • Disgruntled
  • Critical
  • Secret Recipe

Section 7 – Phishing

  • Phishing Analysis Fundamentals
  • Phishing Emails in Action
  • Phishing Analysis Tools
  • Phishing Prevention
  • The Greenholt Phish
  • Snapped Phishing Line

Section 8 – SOC Level 1 Capstone Challenges

  • Tempest
  • Boogeyman 1
  • Boogeyman 2
  • Boogeyman 3