In this training we dig deeper into the everyday basics of a SOC. We're introduced to many more tools and actually get to utilize them in a real scenario.
Screenshots
First use of Windows ProcMon and Linux syslog
I remember this being the most interactive/fun introduction to Splunk. Prior to this I had absolutely zero experience with it. Now I know why it's regarded as a well-known and powerful tool in the industry.
Really dug into the email phishing aspect in this lab. We analyzed how one simple click can turn into a nightmare for a company.
Oh man, YARA rules. Those tripped me up a little bit.
For the capstone we were given a scenario where an employee clicked a malicious link. We went through the logs, dug through Splunk, and ran the possible malicious links through VirusTotal.
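To show the kind of log triage the capstone asks for, here is an added Python example (my own, not part of the original training material). It walks a constructed sample of proxy log lines, pulls out the URLs the suspect user requested, flags the POSTs that would indicate credentials being submitted to a phishing page, and builds the VirusTotal v3 URL identifier (URL-safe base64 of the URL with the padding stripped) so each link can be looked up without re-submitting it. The log format, user names and hosts are all made up for the example; no request is actually sent.

```python
import base64
import re

# Constructed sample of web-proxy log lines (not real traffic).
# Format assumed for this example: timestamp user method url status
SAMPLE_PROXY_LOG = """\
2024-03-04T09:12:01Z jdoe GET http://mail-secure-login.example.net/verify?acct=jdoe 200
2024-03-04T09:12:03Z jdoe GET http://mail-secure-login.example.net/static/logo.png 200
2024-03-04T09:12:09Z jdoe POST http://mail-secure-login.example.net/verify 302
2024-03-04T09:12:10Z jdoe GET https://cdn.example.com/update.exe 200
2024-03-04T09:30:44Z asmith GET https://intranet.example.org/home 200
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<user>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>https?://\S+)\s+(?P<status>\d{3})$"
)


def parse_log(text):
    """Parse each well-formed line into a dict; malformed lines are skipped, not guessed at."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            row = m.groupdict()
            row["status"] = int(row["status"])
            rows.append(row)
    return rows


def urls_for_user(rows, user):
    """Distinct URLs a user requested, in first-seen order ("what did they actually click?")."""
    seen = []
    for r in rows:
        if r["user"] == user and r["url"] not in seen:
            seen.append(r["url"])
    return seen


def credential_posts(rows, user):
    """POST requests by the user to external hosts: the moment a lure page receives credentials."""
    return [r["url"] for r in rows if r["user"] == user and r["method"] == "POST"]


def vt_url_id(url):
    """VirusTotal v3 URL identifier: URL-safe base64 of the URL with '=' padding removed."""
    return base64.urlsafe_b64encode(url.encode()).decode().rstrip("=")


def vt_lookup_endpoint(url):
    """Endpoint for GET /api/v3/urls/{id}; the caller adds the x-apikey header and sends it."""
    return "https://www.virustotal.com/api/v3/urls/" + vt_url_id(url)


if __name__ == "__main__":
    rows = parse_log(SAMPLE_PROXY_LOG)
    suspect = "jdoe"
    print("URLs requested by", suspect)
    for url in urls_for_user(rows, suspect):
        print("  ", url, "->", vt_lookup_endpoint(url))
    print("Credential submissions:", credential_posts(rows, suspect))
```

Running it lists four distinct URLs for jdoe, one POST to the lookalike login host, and a ready-made VirusTotal lookup URL per link; the same parse-then-pivot pattern is what a Splunk search over the proxy index does, just with the triage logic written out.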
This says incomplete, but I definitely finished it.