SOC Analyst 1 / Elite

In this training we dig deeper into the everyday basics of a SOC. We're introduced to many more tools and actually get to utilize them in a real scenario.

Screenshots

First use of Windows ProcMon and Linux syslogging

I remember this being the most interactive/fun introduction to Splunk. Prior to this I had absolutely zero experience with it. Now I know why it's regarded as such a well-known and powerful tool in the industry.

Really dug into the email phishing aspect in this lab. We analyzed how one simple click can turn into a nightmare for a company.

Oh man, YARA rules. Those tripped me up a little bit.

// Rule names cannot contain spaces; string definitions live in a strings:
// section and every rule needs a condition: section.
rule This_is_a_Test
{
    strings:
        $string = "Youhavenoidea"
        $start  = "Sanityhere"
        $end    = "Nosanityfound"
    condition:
        // match when any of the three strings is present in the scanned file
        any of them
}

For the capstone we were given a scenario where an employee clicked a malicious link. We went through the logs, dug through Splunk, and ran possible malicious links through VirusTotal.

This says incomplete, but I definitely finished it.

SOC 1 Elite
