
Program Highlights

The SOC (Security Operations Center) Analyst training curriculum has been carefully crafted to give aspiring and current SOC Analysts a thorough grounding in SOC operations and processes. Learn to recognize and respond to information security incidents, create and track security events such as alerts, and conduct security investigations. Learn tools like Splunk and Security Onion.

  • 32-Hour LIVE Instructor-led Training
  • Highly Customized Training
  • Hands-on Labs
  • Scenario-based Learning on Latest Tools
  • Hands-on exam to get certified
  • Career Guidance and Interview Prep
  • Post Training Support
  • Access to Recorded Sessions

Learning Schedule

Upcoming classes
19 Oct - 10 Nov Online Weekend 09:00 - 13:00 IST BATCH OPEN

Why Choose Our Corporate Training Solution

  • Upskill your team on the latest tech
  • Highly customized solutions
  • Free Training Needs Analysis
  • Skill-specific training delivery
  • Secure your organization inside-out

Seeking Corporate Training?

Discover Tailored Solutions for your unique needs. Request a Quote Today!

Why Choose 1-on-1 Training

  • Get personalized attention
  • Customized content
  • Learn at your dedicated hour
  • Instant clarification of doubts
  • Guaranteed to run

Desire Personalized Attention?

Request exclusive batches that are tailored just for you, with flexible schedules.
Ask for 1-on-1 Training Now!

Can't Find a Suitable Schedule? Talk to Our Training Advisor

About course

SOC Analysts play a crucial role in today's security teams: they are on the front lines of cyber defense, identifying and responding to cyber threats as they occur.

InfosecTrain's SOC Analyst training course is designed for aspiring and current SOC Analysts who want to learn how to prevent, identify, assess, and respond to cybersecurity threats and incidents. The course is the first level of a two-part series (Level 1: SOC Analyst and Level 2: SOC Specialist) and is built to help you master the trending, in-demand technical skills needed to carry out a wide range of SOC activities.

The course begins with the fundamentals of SOC teams and Blue Team operating architecture before moving on to more advanced topics such as digital forensics, incident response, threat intelligence, and SIEM (Security Information and Event Management) solutions.

This training course also helps participants plan their preparation for SOC Analyst certification examinations, which are often expected for the most sought-after positions in a SOC team.

 
SOC Analyst Tools Covered

Learning Outcome

Skimming CyberSecurity Concepts

  • Understanding Red, Blue & Purple teams
  • Roles and responsibilities
  • CIA Triad
  • Networking Fundamentals

 

Security Operations 101

  • Understanding SecOps
  • Security monitoring and detection fundamentals
  • Incident Response essentials
  • Incident Response Lifecycle
  • Pyramid of Pain & Diamond Model
  • Understanding CTI and use cases
  • APT, IoC concepts
  • Understanding SOC terminology, SOC KPIs, RACI, etc.
  • Security frameworks and benchmarks (CIS, NIST, etc.)

 

Linux Operating System Fundamentals [Hands-On]

  • Linux Directory Services
  • Most useful Linux Commands in SOC
  • Events Logs in Linux
  • Linux System Services

 

First Line of Defense

  • Understanding SIEM
  • Importance of SIEM and factors to consider when selecting one
  • Basic Architecture of SIEM
  • Correlation, aggregation, normalisation and parsing concepts
  • SIEM logging standards
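As an added illustration of the parsing, normalisation, aggregation and correlation concepts listed above (this is example code written for this page, not part of the course material or of any SIEM product), the Python below takes two raw log formats, an OpenSSH syslog line and a Windows Security logon event exported as JSON, maps both into one common schema, aggregates failed logons per source address, and applies a correlation rule that fires only when one address fails against several hosts inside a short window. The sample events, the field names of the common schema, and the thresholds are all assumptions made for the illustration.

```python
import json
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample events (not real telemetry): two raw formats a SIEM must
# parse and normalise before it can correlate them.
RAW_EVENTS = [
    "Oct 19 09:01:02 web01 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2",
    "Oct 19 09:01:05 web01 sshd[2201]: Failed password for root from 203.0.113.7 port 51024 ssh2",
    "Oct 19 09:01:09 web01 sshd[2203]: Accepted publickey for deploy from 198.51.100.20 port 40012 ssh2",
    '{"EventID": 4625, "TimeCreated": "2024-10-19T09:01:07Z", "Computer": "DC01", '
    '"TargetUserName": "Administrator", "IpAddress": "203.0.113.7", "LogonType": 3}',
    '{"EventID": 4624, "TimeCreated": "2024-10-19T09:01:12Z", "Computer": "DC01", '
    '"TargetUserName": "svc_backup", "IpAddress": "10.0.0.5", "LogonType": 3}',
    '{"EventID": 4625, "TimeCreated": "2024-10-19T09:01:20Z", "Computer": "DC01", '
    '"TargetUserName": "Guest", "IpAddress": "203.0.113.7", "LogonType": 3}',
]


@dataclass
class NormalizedEvent:
    """Common schema every parser maps into (an assumed, minimal field set)."""
    ts: datetime
    host: str
    source: str
    user: str
    src_ip: str
    outcome: str  # "success" or "failure"


SSHD_RE = re.compile(
    r"^(?P<mon>\w{3}) +(?P<day>\d+) (?P<time>[\d:]+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)"
)


def parse_sshd(line, year=2024):
    """Parse an OpenSSH syslog line. Classic syslog omits the year, so it is supplied."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
    return NormalizedEvent(ts.replace(tzinfo=timezone.utc), m["host"].lower(), "linux_sshd",
                           m["user"], m["ip"], "failure" if m["result"] == "Failed" else "success")


def parse_windows_json(line):
    """Parse a Windows Security logon event (4624 success / 4625 failure) serialised as JSON."""
    try:
        rec = json.loads(line)
    except json.JSONDecodeError:
        return None
    outcome = {4624: "success", 4625: "failure"}.get(rec.get("EventID"))
    if outcome is None:
        return None
    ts = datetime.fromisoformat(rec["TimeCreated"].replace("Z", "+00:00"))
    return NormalizedEvent(ts, rec["Computer"].lower(), "windows_security",
                           rec["TargetUserName"], rec["IpAddress"], outcome)


PARSERS = (parse_sshd, parse_windows_json)


def normalize(lines):
    """Run each raw line through the parsers; the first one that understands it wins."""
    events = []
    for line in lines:
        for parser in PARSERS:
            ev = parser(line)
            if ev is not None:
                events.append(ev)
                break
    return events


def correlate_failed_logons(events, threshold=3, min_hosts=2, window=timedelta(minutes=10)):
    """Aggregate failures per source IP, then correlate across hosts and time.

    Fires when one address produces >= threshold failures against >= min_hosts
    distinct hosts within `window`; a per-host rule alone would miss this.
    """
    by_ip = defaultdict(list)
    for ev in events:
        if ev.outcome == "failure":
            by_ip[ev.src_ip].append(ev)
    alerts = []
    for ip, evs in by_ip.items():
        first, last = min(e.ts for e in evs), max(e.ts for e in evs)
        hosts = {e.host for e in evs}
        if len(evs) >= threshold and len(hosts) >= min_hosts and last - first <= window:
            alerts.append({
                "rule": "distributed_failed_logons",
                "src_ip": ip,
                "failures": len(evs),
                "hosts": sorted(hosts),
                "users": sorted({e.user for e in evs}),
                "sources": sorted({e.source for e in evs}),
                "first_seen": first.isoformat(),
                "last_seen": last.isoformat(),
            })
    return alerts


if __name__ == "__main__":
    for alert in correlate_failed_logons(normalize(RAW_EVENTS)):
        print(json.dumps(alert, indent=2))
```

The point of the common schema is that the correlation rule never has to know which product produced an event: once `host`, `user`, `src_ip` and `outcome` mean the same thing for sshd and for Windows, a single rule sees the attacker moving between a Linux web server and a domain controller. Note the syslog year problem, a classic parsing pitfall around New Year, and the lower-casing of hostnames, without which "DC01" and "dc01" would count as two hosts.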

 

Incident Response with Wazuh SIEM [Hands-On]

  • Introduction to Wazuh
  • Wazuh Architecture & Why choose Wazuh?
  • Integrating Wazuh agents with endpoints
  • C2 with APT emulation & Active Responses with Wazuh
  • Detection of process level attacks
  • FIM monitoring with Wazuh
  • Vulnerability Management using Wazuh
  • System hardening using Wazuh
  • Endpoint Protection (EDR) using Wazuh

 

MITRE ATT&CK and D3FEND

  • Introduction to ATT&CK Framework
  • Understanding TTPs
  • CTI correlation with ATT&CK
  • Operationalizing ATT&CK for Red
  • Operationalizing ATT&CK for Blue
  • MITRE D3FEND

 

Windows Endpoint Hunting Essentials [Hands-On]

  • Introduction
  • Windows Processes
  • Smss.exe
  • Winlogon.exe
  • Wininit.exe
  • Services.exe
  • Lsass.exe
  • Svchost.exe
  • Taskhost.exe
  • Explorer.exe
  • Monitoring and Detecting USB drives in Windows using Wazuh
  • Process Injection lab in Wazuh
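The processes listed in this module are hunted by knowing what normal looks like: which parent each one is created by, where its image lives on disk, and how many instances should exist. As an added example (written for this page, not part of the course labs or of Wazuh), the Python below encodes such a baseline and runs it over a constructed process snapshot in which two entries are planted, a "svchost.exe" launched from Explorer out of a temp folder and a second "lsass.exe" with the right path but the wrong parent. The baseline values are assumptions that match common Windows 10 behaviour; validate them against a clean host of the same build before relying on them.

```python
from dataclasses import dataclass

# Baseline for the core Windows processes covered in this module: the parent each
# is normally created by, the image path it normally runs from, and where it applies
# the maximum instance count. Names are lower-cased. None in "parents" means the
# real parent normally exits before a snapshot is taken (the per-session smss.exe
# that starts wininit/winlogon, userinit.exe for explorer), so a missing parent is
# not by itself suspicious. Assumed values for illustration only.
BASELINE = {
    "smss.exe":      {"parents": {"system", "smss.exe"},        "path": r"c:\windows\system32\smss.exe"},
    "wininit.exe":   {"parents": {"smss.exe", None},            "path": r"c:\windows\system32\wininit.exe",  "max_instances": 1},
    "winlogon.exe":  {"parents": {"smss.exe", None},            "path": r"c:\windows\system32\winlogon.exe"},
    "services.exe":  {"parents": {"wininit.exe"},               "path": r"c:\windows\system32\services.exe", "max_instances": 1},
    "lsass.exe":     {"parents": {"wininit.exe"},               "path": r"c:\windows\system32\lsass.exe",    "max_instances": 1},
    "svchost.exe":   {"parents": {"services.exe"},              "path": r"c:\windows\system32\svchost.exe"},
    "taskhostw.exe": {"parents": {"services.exe", "svchost.exe"}, "path": r"c:\windows\system32\taskhostw.exe"},
    "explorer.exe":  {"parents": {"userinit.exe", None},        "path": r"c:\windows\explorer.exe"},
}


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int
    name: str
    path: str
    cmdline: str = ""


# Constructed process snapshot (not from a real host). PIDs 3300 and 3400 are planted.
SNAPSHOT = [
    Proc(4, 0, "System", ""),
    Proc(360, 4, "smss.exe", r"C:\Windows\System32\smss.exe"),
    Proc(480, 352, "wininit.exe", r"C:\Windows\System32\wininit.exe"),      # parent smss (pid 352) exited
    Proc(520, 352, "winlogon.exe", r"C:\Windows\System32\winlogon.exe"),
    Proc(600, 480, "services.exe", r"C:\Windows\System32\services.exe"),
    Proc(620, 480, "lsass.exe", r"C:\Windows\System32\lsass.exe"),
    Proc(800, 600, "svchost.exe", r"C:\Windows\System32\svchost.exe",
         r"C:\Windows\System32\svchost.exe -k netsvcs -p"),
    Proc(2100, 1900, "explorer.exe", r"C:\Windows\explorer.exe"),           # parent userinit exited
    Proc(4100, 800, "taskhostw.exe", r"C:\Windows\System32\taskhostw.exe"),
    Proc(3300, 2100, "svchost.exe", r"C:\Users\bob\AppData\Local\Temp\svchost.exe", "svchost.exe"),
    Proc(3400, 2100, "lsass.exe", r"C:\Windows\System32\lsass.exe"),
]


def hunt(snapshot):
    """Return a list of findings: parent, image-path, command-line and instance-count anomalies."""
    by_pid = {p.pid: p for p in snapshot}
    counts = {}
    findings = []

    def flag(proc, reason):
        findings.append({"pid": proc.pid, "name": proc.name, "reason": reason})

    for p in snapshot:
        name = p.name.lower()
        rule = BASELINE.get(name)
        if rule is None:
            continue  # not a process this baseline covers
        counts[name] = counts.get(name, 0) + 1
        parent = by_pid.get(p.ppid)
        if parent is None:
            if None not in rule["parents"]:
                flag(p, f"parent pid {p.ppid} not in snapshot, but this process should not outlive its parent")
        elif parent.name.lower() not in rule["parents"]:
            flag(p, f"unexpected parent {parent.name} (pid {parent.pid})")
        if p.path.lower() != rule["path"]:
            flag(p, f"unexpected image path {p.path}")
        # Legitimate svchost.exe is always started by services.exe with a -k <group> argument.
        if name == "svchost.exe" and " -k " not in f" {p.cmdline} ":
            flag(p, "svchost.exe started without a -k service group")

    # Instance-count checks are per process name, not per PID.
    for name, rule in BASELINE.items():
        limit = rule.get("max_instances")
        if limit and counts.get(name, 0) > limit:
            findings.append({"pid": None, "name": name,
                             "reason": f"{counts[name]} instances, expected at most {limit}"})
    return findings


if __name__ == "__main__":
    for f in hunt(SNAPSHOT):
        print(f"pid={f['pid']} {f['name']}: {f['reason']}")
```

On a live host the same tuples come from `tasklist /v`, `Get-CimInstance Win32_Process` or Sysmon Event ID 1, and the Wazuh lab in this module collects them centrally. Two caveats a hunter should keep in mind: the parent PID in a snapshot can be spoofed at process creation, so a clean parent is weaker evidence than a wrong one, and a baseline like this is specific to a Windows build (taskhost.exe, taskhostex.exe and taskhostw.exe are the same role on different versions).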

 

Hunting for APT (Advanced Persistent Threat) [Hands-On]

  • Lab architecture
  • Debrief: APT Dark Pink
  • Dark Pink APT Timeline
  • Dark Pink APT Activity
  • Dark Pink APT Attack Chain
  • Dark Pink APT MITRE Mapping
  • Hunting APT using Jupyter Notebooks

 

YARA for Incident Response [Hands-On]

  • Executing the YARA tool
  • Writing YARA rules
  • Basic syntax: create and execute your first YARA rule
  • Fine-tuning your YARA rule
  • Strings in YARA
  • Case-insensitive strings
  • Wide-character strings
  • XOR strings
  • Base64 strings
  • Searching for full words
  • Hunting with YARA
  • VirusTotal and YARA

 

Analysing Phishing Emails [Practical]

  • Analysing Artefacts
  • Red Flags of Phishing Emails
  • URL Reputation
  • File Reputation
  • SPF
  • DKIM
  • DMARC
  • Manual & Automated Analysis
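As an added example of the automated side of this module (example code written for this page, not part of the course labs), the Python below pulls the checks listed above out of a constructed phishing message using only the standard library: it reads the SPF, DKIM and DMARC verdicts from the Authentication-Results header, compares the From, Return-Path and Reply-To domains, extracts links and compares the displayed URL with the real target, flags a look-alike hostname, and looks for urgency language. The sample message, the reserved example domains, and the flag names are assumptions made for the illustration.

```python
import json
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed phishing sample (not a real message). Domains are reserved example
# names and the message is deliberately built to trip every check below.
RAW_EMAIL = """\
Return-Path: <bounce@mail-evil.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mail-evil.example.net;
 dkim=none; dmarc=fail (p=reject) header.from=bank.example.com
From: "Bank Security" <alerts@bank.example.com>
Reply-To: support@bank-secure-login.example.net
To: victim@example.com
Subject: URGENT: your account will be suspended in 24 hours
Date: Sat, 19 Oct 2024 09:15:00 +0000
Message-ID: <20241019091500.abc123@mail-evil.example.net>
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Dear customer, verify your account immediately to avoid suspension.</p>
<p><a href="http://bank.example.com.login-verify.example.net/auth">https://bank.example.com/secure</a></p>
</body></html>
"""

AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)
LINK_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
URGENCY = ("urgent", "immediately", "suspend", "24 hours", "verify your account")


def domain_of(header):
    """Lower-cased domain of an address header, or "" if the header is absent."""
    if not header:
        return ""
    _, addr = parseaddr(str(header))
    return addr.rpartition("@")[2].lower()


def parse_auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results headers.

    Only the header stamped by your own inbound MX is trustworthy; a sender can
    forge earlier ones, so in production filter on the authserv-id (here mx.example.com).
    """
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        for mech, verdict in AUTH_RE.findall(str(value)):
            results.setdefault(mech.lower(), verdict.lower())
    return results


def extract_links(html):
    """Return (href, visible text) pairs for every anchor in the HTML body."""
    return [(href, re.sub(r"<[^>]+>", "", text).strip()) for href, text in LINK_RE.findall(html)]


def analyse(raw):
    """Run the red-flag checks and return the artefacts plus a list of flags."""
    msg = message_from_string(raw, policy=policy.default)
    flags = []

    auth = parse_auth_results(msg)
    for mech in ("spf", "dkim", "dmarc"):
        if auth.get(mech) != "pass":
            flags.append(f"{mech}_not_pass")

    from_dom = domain_of(msg["From"])
    if domain_of(msg["Return-Path"]) != from_dom:
        flags.append("return_path_mismatch")      # envelope sender differs from header From
    reply_dom = domain_of(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        flags.append("reply_to_mismatch")         # replies are diverted to another domain

    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    links = extract_links(html)
    for href, text in links:
        host = (urlparse(href).hostname or "").lower()
        if text.startswith(("http://", "https://")) and (urlparse(text).hostname or "").lower() != host:
            flags.append("link_text_mismatch")    # displayed URL is not where the link goes
        if from_dom and from_dom in host and host != from_dom and not host.endswith("." + from_dom):
            flags.append("lookalike_host")        # brand domain embedded as a subdomain of another site

    text = f"{msg['Subject']} {re.sub(r'<[^>]+>', ' ', html)}".lower()
    if any(k in text for k in URGENCY):
        flags.append("urgency_language")

    return {"from_domain": from_dom, "auth": auth, "links": links, "flags": flags, "score": len(flags)}


if __name__ == "__main__":
    print(json.dumps(analyse(RAW_EMAIL), indent=2))
```

The authentication verdicts do the heavy lifting: a DMARC failure with `p=reject` on the From domain means the message should not have reached a mailbox at all, so the triage question becomes why it did. The remaining checks are the manual red flags from this module made repeatable, and the flag list is what you would attach to the case when escalating.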

 

Understanding Case Management [Hands-On]

  • Deploying TheHive
  • Understanding the architecture
  • TheHive4 vs TheHive5
  • Creating and triaging cases in TheHive
  • Using TheHive data fields
  • Pushing alerts to TheHive
  • Using Responders
  • Case templates

 

Security Operations using Copilot [Hands-On]

  • Copilot fundamentals
  • Features of Copilot
  • Integration of Wazuh with Copilot
  • AI use cases of Copilot for the SOC

 

SOAR 101 [Hands-On]

  • SOAR fundamentals
  • Deploying Shuffle
  • Security automation using Shuffle
  • SOAR + AI for next level ops

 

SOC Interview Preparation

  • Common questions and situational questions
  • Key elements to crack SOC and other security interviews
  • Q&A

Target Audience
  • Technical Support Engineers
  • System Administrators
  • Security Consultants
  • Cyber Security Analysts
  • Network Engineers
  • Network Architects or Admins
  • Security System Engineers
  • SOC Analysts (L1 & L2)
  • Information Security Researchers
  • Entry-level Information Security professionals
  • Anyone who wants to become a SOC Analyst
Pre-requisites

Basic knowledge of:

  • Networking fundamentals
  • OS basics and troubleshooting (recommended)
  • Basics of information security

Suitable for:

  • Beginners or freshers in Security Operations Centre roles
  • Professionals already working in an information security role
Exam Information

This course is not directly linked to any exam. However, the curriculum provides the in-depth training and expertise participants need to pass SOC certification exams and interviews and become seasoned SOC Analysts.

Course Objectives

This SOC Analyst training course allows you to:

  • Understand Security Operations Center (SOC) team operations
  • Understand Blue Team operations architecture
  • Gain in-depth knowledge of digital forensics, threat intelligence, and incident response
  • Understand technical strategies, tools, and procedures to safeguard your organization's data
  • Understand essential SOC tools such as Splunk and Security Onion
  • Understand how to recognize threats and implement countermeasures

Frequently Asked Questions

What is a Security Operation Center (SOC)?

A Security Operations Center (SOC) is an essential component of an organization's security program: a team and set of processes that monitor, detect and respond to threats, lowering the risk that information systems face from external and internal attackers.

What steps can I take to become a SOC Analyst?

Most employers expect a bachelor's degree in computer science or a related discipline, although it is not a strict requirement everywhere. You will also need training from a reputable institution, relevant certification, and hands-on experience. Each company hiring a SOC Analyst has different experience requirements, so check the roles you are targeting and build experience accordingly.

What skills do you need to work as a SOC Analyst?

You will require the following skills to become a SOC Analyst:

  • Programming skills
  • Understanding of cybersecurity and information security fundamentals
  • Understanding of network security
  • Incident handling and documentation
  • Ethical hacking skills

Is SOC a viable career option?

SOC Analyst is a job title held by both newcomers and seasoned professionals in information security. It is a great stepping stone into a cybersecurity career, but it is also a challenging role.

What do SOC Analysts get paid?

As per Indeed, the typical salary for a SOC Analyst in the United States is $84,601 per year.

What are the tools that a SOC Analyst employs?

  • Splunk
  • Security Onion
  • AlienVault

What is the role of a SOC Analyst?

A SOC Analyst is a member of the cybersecurity team in charge of monitoring and combating threats to a company's IT infrastructure. They are at the forefront of the defense against security threats, and they are responsible for evaluating security systems, discovering and remediating vulnerabilities, and increasing cyber resilience.

What is Security Information and Event Management?

SIEM or Security Information and Event Management is a software system that collects and analyses data from a variety of sources throughout your IT infrastructure.

Difference between NOC and SOC?

The NOC is in charge of ensuring that corporate infrastructure can support business activities, while the SOC is in charge of safeguarding the company from cyber-attacks that could interrupt such operations.
