SECO-Institute training courses

Course objectives (remote training - dlearning)

code: SECO-SOC | version: 1

SOC Analyst in a 5-day split-workout format.

The SOC Analyst training is a comprehensive 5-day course that immerses you in the processes, data flows, models and capabilities of a Security Operations Center (SOC). You will understand how a SOC operates and familiarize yourself with the tools and technologies SOC Analysts use in their daily work. You will learn to master log collection, log analysis and threat detection, and you will gain hands-on experience in threat analysis, incident response and reporting.

The course takes a 50-50 theory vs. practice approach. It evaluates best practices and common frameworks such as MITRE ATT&CK and the MagMa Use Case Framework, together with the tools and techniques needed to put them into practice. The course highlights where and how data is collected and provides an overview of the technologies deployed and how they interconnect (e.g. SIEM, Intrusion Detection Systems, Endpoint Detection & Response, Security Orchestration, Threat Intelligence Platforms, Network Traffic Analysis tools, vulnerability scanners...). The training delivers a simulated SOC environment, including a Security Information and Event Management (SIEM) system with a large dataset for the exercises, and ends with a Capture the Flag event, a one-day experience in a virtual SOC.

What will you learn?

  • Understand how a SOC operates, what services are provided, the technologies and tools deployed and how they interconnect
  • Master log collection, log analysis and threat detection
  • Hands-on experience in threat analysis, incident response and reporting

This course is intended for:

  • IT and security professionals either early in their SOC career or new to working in a SOC, who want to become Tier 1/Tier 2 SOC Analysts, or who want to work in a dedicated team of cybersecurity experts that detects, contains and remediates IT threats.
  • Cyber defense teams looking to onboard new team members, and organisations that are in-housing security operations and/or associated new technologies
  • Typical participants include but are not limited to system engineers, security analysts, security consultants, IT experts, incident investigators, security engineers and architects
  • The training also benefits security managers keen to learn how to successfully build and manage efficient SOC Operations based on a more solid and practical understanding of its working.

Course schedule:

  • 27.11.2020
  • 03.12.2020
  • 08.12.2020
  • 11.12.2020
  • 18.12.2020

Registration for 27.11.2020 means acceptance of the entire schedule.

Course outline

  1. Organisation and Implementation Strategies
    • Organisation of IT security, staff and processes
    • Getting acquainted with the applicable IT Security authorisations, mandates, & policies
    • Getting acquainted with SOC models and services
    • Getting acquainted with SOC capabilities
  2. Log Collection and Monitoring
    • Define data gathering strategies
    • Developing an effective pattern management strategy
    • Setting up and configuring log collections
    • Setting up and configuring log monitoring/analysis
    • Getting acquainted with log examples (Hands-On)
    • Analyse log collections (Hands-On)
  3. Identifying and Detecting Basic Network and Infrastructure Security Threats
    • Types of network and infrastructure security threats
    • How to detect these network or infrastructure security threats (use cases)
    • Difference between a vulnerability, a threat and an incident
  4. Understanding, Analysing and Monitoring Cyber Threats
    • Evaluation of findings from homework (Hands-On)
    • Walkthrough of all the possible findings including theoretical explanations (Hands-on)
  5. Preparing for, Responding to, and Reporting on Basic Network and Infrastructure Security Threats
    • How to prepare for an incident, what do you need to have
    • How to react to an incident, what to do and what not to do (Hands-on)
    • How to manage the incident
  6. Capture the Flag Event – Just Another Day in the Office. A one-day experience in a virtual SOC, with the following components:
    • Threat intel situations: Threat Intel gathering and impact analysis for the organisation.
    • Incidents: Respond to different incidents during the day, including making decisions about urgency.
    • Analysis: Is it an incident? What is the impact? What is the scope?
    • Reporting: You need to make a short report about one incident and present it

Additional information

Prerequisites

Basic understanding of TCP/IP, operating system fundamentals and common security concepts. Students are expected to have a basic understanding of application layer protocols such as HTTP, SMTP, SSH and FTP. Familiarity with the Linux command line is a big plus and highly desirable.

Difficulty level
Duration: 5 days

Participants who pass the exam will obtain the S-ITSE (SECO-ITSE) IT-Security Expert certificate, signed by SECO-Institute.

Each participant in an authorized SOC Analyst training will receive one free attempt at the S-ITSE exam.


Certified SECO-Institute trainer.

Further information

One year of free SECO membership for participants who pass the exam.
