Security Operations Analyst 2

Introduction to SOC Analyst 2

The Security Operations Center (SOC) Analyst 2 or Senior Cyber Security Analyst role aims to help you succeed in your SOC career.
It will help you transition into a Level 2 position or strengthen the core technical skills you need to perform well in your current position, using hands-on, practical, and realistic scenarios.
Through realistic scenarios, you will practice log analysis in-depth and acquire hands-on experience using various SIEM platforms.
The path will also cover detection engineering topics, allowing you to troubleshoot and fix detection, alerting, and logging issues.
Finally, you will learn essential technical skills to perform advanced Blue Teaming tasks, such as threat hunting and emulation, incident response, and malware analysis.

Section 1 – Log Analysis

Intro to Logs
Log Operations
Intro to Log Analysis

Section 2 Advanced Splunk

Splunk: Exploring SPL
Splunk: Setting up a SOC Lab
Splunk: Dashboards and Reports
Splunk: Data Manipulation
Fixit

Section 3 – Advanced ELK

Logstash: Data Processing Unit
Custom Alert Rules in Wazuh
Advanced ELK Queries
Slingshot

Section 4 – Detection Engineering

Intro to Detection Engineering
Tactical Detection
Threat Intelligence for SOC
Sigma
SigHunt
Aurora EDR
SOAR

Section 5 – Threat Hunting

Threat Hunting: Introduction
Threat Hunting: Foothold
Threat Hunting: Pivoting
Threat Hunting: Endgame
Hunt Me I: Payment Collectors
Hunt Me II: Typo Squatters

Section 6 – Threat Emulation

Intro to Threat Emulation
Threat Modelling
Atomic Red Team
CALDERA
Atomic Bird Goes Purple #1
Atomic Bird Goes Purple #2

Section 7 – Incident Response

Preparation
Identification & Scoping
Threat Intel & Containment
Eradication & Remediation
Lessons Learned
Tardigrade

Section 8 – Malware Analysis

x86 Architecture Overview
x86 Assembly Crash Course
Windows Internals
Dissecting PE Headers
Basic Static Analysis
MalBuster
Advanced Static Analysis
Basic Dynamic Analysis
Dynamic Analysis: Debugging
Anti-Reverse Engineering
MalDoc: Static Analysis

Introduction to SOC Analyst 2

The Security Operations Center (SOC) Analyst 2 or Senior Cyber Security Analyst role aims to help you succeed in your SOC career.

It will help you transition into a Level 2 position or strengthen the core technical skills you need to perform well in your current position, using hands-on, practical, and realistic scenarios.

Through realistic scenarios, you will practice log analysis in-depth and acquire hands-on experience using various SIEM platforms.

The path will also cover detection engineering topics, allowing you to troubleshoot and fix detection, alerting, and logging issues.

Finally, you will learn essential technical skills to perform advanced Blue Teaming tasks, such as threat hunting and emulation, incident response, and malware analysis.

Section 1 – Log Analysis

Intro to Logs

Log Operations

Intro to Log Analysis

Section 2 Advanced Splunk

Splunk: Exploring SPL

Splunk: Setting up a SOC Lab

Splunk: Dashboards and Reports

Splunk: Data Manipulation

Fixit

Section 3 – Advanced ELK

Logstash: Data Processing Unit

Custom Alert Rules in Wazuh

Advanced ELK Queries

Slingshot

Section 4 – Detection Engineering

Intro to Detection Engineering

Tactical Detection

Threat Intelligence for SOC

Sigma

SigHunt

Aurora EDR

SOAR

Section 5 – Threat Hunting

Threat Hunting: Introduction

Threat Hunting: Foothold

Threat Hunting: Pivoting

Threat Hunting: Endgame

Hunt Me I: Payment Collectors

Hunt Me II: Typo Squatters

Section 6 – Threat Emulation

Intro to Threat Emulation

Threat Modelling

Atomic Red Team

CALDERA

Atomic Bird Goes Purple #1

Atomic Bird Goes Purple #2

Section 7 – Incident Response

Preparation

Identification & Scoping

Threat Intel & Containment

Eradication & Remediation

Lessons Learned

Tardigrade

Section 8 – Malware Analysis

x86 Architecture Overview

x86 Assembly Crash Course

Windows Internals

Dissecting PE Headers

Basic Static Analysis

MalBuster

Advanced Static Analysis

Basic Dynamic Analysis

Dynamic Analysis: Debugging

Anti-Reverse Engineering

MalDoc: Static Analysis