Training EC-Council

Training goals

code: ECC-CSA | version: v2

CSA - Certified SOC Analyst v2

The Certified SOC Analyst training program covers a range of topics, including common attack vectors, the use of security tools and technologies, security information and event management (SIEM), incident response processes, coordination, and the development of a SOC. Students gain proficiency in centralized log management (CLM), incident triaging, recognition and investigation of indicators of compromise (IoCs) and the cyber kill chain, enabling them to respond proactively to potential threats. They also gain the ability to recognize emerging threat patterns, develop correlation rules, and create effective reports that help organizations maintain a robust security posture. Students also learn to leverage AI-enabled tools and platforms to enhance SIEM capabilities, behavior analytics, and alert prioritization, and automate threat detection and threat hunting using solutions like Splunk AI, Elastic AI, Copilot, ChatGPT, and PowerShell AI.

Completing the EC-Council C|SA course will equip students with the ability to run a robust SOC with enhanced incident detection and response capabilities.

 

What you will learn

  • Acquire a comprehensive knowledge of SOC processes, procedures, technologies, and workflows.
  • Develop a foundational and advanced understanding of security threats, attacks, vulnerabilities, attacker behavior, and the cyber kill chain.
  • Learn to identify attacker tools, tactics, and procedures to recognize (IoCs) for both active and future investigations.
  • Gain the ability to monitor and analyze logs and alerts from various technologies across multiple platforms, including IDS/IPS, endpoint protection, servers, and workstations.
  • Understand the CLM process and its significance in security operations.
  • Acquire skills in collecting, monitoring, and analyzing security events and logs.
  • Attain extensive knowledge and hands-on experience in SIEM.
  • Learn how to administer SIEM solutions like Splunk, AlienVault, OSSIM, and the ELK Stack.
  • Understand the architecture, implementation, and fine-tuning of SIEM solutions for optimal performance.
  • Gain practical experience in the SIEM use case development process.
  • Develop threat detection cases (correlation rules) and create comprehensive reports.
  • Learn about widely used SIEM use cases across different deployments.
  • Plan, organize, and execute threat monitoring and analysis within an enterprise environment.
  • Acquire skills to monitor emerging threat patterns and perform security threat analysis.
  • Gain hands-on experience in the alert triaging process for effective threat management.
  • Learn how to escalate incidents to the appropriate teams for further investigation and remediation.
  • Use service desk ticketing systems for efficient incident tracking and resolution.
  • Develop the ability to prepare detailed briefings and reports outlining analysis methodologies and results.
  • Learn how to integrate threat intelligence into SIEM systems for enhanced incident detection and response.
  • Understand how to leverage constantly evolving sources of threat intelligence.
  • Gain knowledge of the incident response process and best practices for managing security incidents.
  • Develop a solid understanding of SOC and incident response team (IRT) collaboration for improved incident management and response.
  • Assist in responding to and investigating security incidents with forensic analysis techniques.
  • Gain specialized knowledge in cloud-based threat detection and how to adapt techniques for cloud environments.
  • Engage in proactive threat detection by participating in threat-hunting exercises.
  • Develop skills in creating SIEM dashboards, generating SOC reports, and building effective correlation rules for advanced threat detection.
  • Acquire hands-on experience in malware analysis techniques.
  • Explore how AI/ML technologies can be leveraged to improve threat detection and response in SOC operations.

 

Who CSA v2 is for:

  • Any cybersecurity professional looking to expand their knowledge in the field of defensive security.
  • Junior SOC Security Analyst
  • SOC Analyst
  • Security Incident Response Analyst
  • SOC Threat Analyst
  • SOC Analysts (L1, L2, and L3)
  • Info Security Analyst 3

 

Each participant in an authorized training CSA - Certified SOC Analyst v2 held in Compendium CE will receive a free CSA v2 certification exam voucher.

Conspect Show list

  • Module 1 - Security Operations and Management
    • Learn how a SOC enhances an organization’s security management to maintain a strong security posture, focusing on the critical roles of people, technology, and processes in its operations.
  • Module 2 - Understanding Cyber Threats, IoCs, and Attack Methodology
    • Learn various cyberattacks, their IoCs, and the attack tactics, techniques, and procedures (TTPs) cybercriminals use.
  • Module 3 - Log Management
    • Learn log management in SIEM, including how logs are generated, stored, centrally collected, normalized, and correlated across systems.
  • Module 4 - Incident Detection and Triage
    • Learn SIEM fundamentals, including its capabilities, deployment strategies, use case development, and how it helps SOC analysts detect anomalies, triage alerts, and report incidents.
  • Module 5 - Proactive Threat Detection
    • Learn the importance of threat intelligence and threat hunting for SOC analysts and how its integration with SIEM helps reduce false positives and enables faster, more accurate alert triage.
  • Module 6 - Incident Response
    • Learn the stages of incident response and how the IRT collaborates with SOC to handle and respond to escalated incidents.
  • Module 7 - Forensic Investigation and Malware Analysis
    • Learn the importance of forensic investigation and malware analysis in SOC operations to understand attack methods, identify IoCs, and enhance future defenses.
  • Module 8 - SOC for Cloud Environments
    • Learn the SOC processes in cloud environments, covering monitoring, incident detection, automated response, and security in AWS, Azure, and GCP using cloud-native tools.
Download conspect training as PDF

Additional information

Prerequisites

A minimum of one year of professional experience in network or security administration (e.g., networking, IT security).
Difficulty level
Duration 3 days
Certificate

The participants will obtain certificates signed by EC-Council (course completion). This course will help prepare you also for the CSA v2 certification exam.

CSA v2 exam details:

  • Exam Code : 312-39
  • Number of Questions : 100
  • Duration : 3 hours
  • Test Format : Multiple Choice

 

Each participant in an authorized training CSA - Certified SOC Analyst v2 held in Compendium CE will receive a free CSA v2 certification exam voucher.

Trainer

Certified EC-Council Instructor (CEI)
Additional informations

The training materials include official EC-Council electronic courseware, 180-day access to iLabs, and an exam voucher.
EC-Council show more courses
Training thematically related

Security

Security | Aruba

Network Security | Broadcom

Java Programming | Capstone Courseware

Java EE | Capstone Courseware

Open-Source Frameworks | Capstone Courseware

XML and Web Services | Capstone Courseware

Core Training | Check Point

  • Download conspect training as PDF: Check Point Deployment Administrator (CPDA)

    Check Point Deployment Administrator (CPDA) training Check Point

    available training dates
    price from: 1100 EUR
    duration: 2 days
    difficulty level: 3 of 6
    code: CP-CPDA
    version: R82.x
    2026-02-23 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-23 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-23 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-23 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-30 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-30 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-25 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-25 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-29 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-29 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    Check Point
    Core Training
    Security
    Security
  • recommended training recommended training
    Download conspect training as PDF: Check Point Certified Security Administrator (CCSA)

    Check Point Certified Security Administrator (CCSA) training Check Point

    available training dates
    price from: 1200 EUR
    duration: 3 days
    difficulty level: 3 of 6
    code: CP-CCSA
    version: R82.x
    2025-12-19 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-01-12 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-01-12 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-02 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-02 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-02 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-02 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-13 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-13 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-27 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-27 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-04 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-04 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    Check Point
    Core Training
    Security
    Security
  • recommended training recommended training
    Download conspect training as PDF: Check Point Certified Security Expert (CCSE)

    Check Point Certified Security Expert (CCSE) training Check Point

    available training dates
    price from: 1200 EUR
    duration: 3 days
    difficulty level: 4 of 6
    code: CP-CCSE
    version: R82.x
    2026-01-26 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-01-26 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-16 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-16 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-16 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-16 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-18 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-18 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-15 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-15 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    Check Point
    Core Training
    Security
    Security

Infinity Specializations | Check Point

ICS/OT security | Compendium CE

Security+ | CompTIA

  • Download conspect training as PDF: CompTIA Security+ Prep Course

    CompTIA Security+ Prep Course training CompTIA

    available training dates
    price from: 1500 EUR
    duration: 5 days
    difficulty level: 2 of 6
    code: CT-SECURITY
    version: SY0-701
    2025-12-15 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-23 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-23 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-16 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-16 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-23 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-23 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-18 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-18 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-25 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-25 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    CompTIA
    Security+
    Security
    Security

CySA+ | CompTIA

PenTest+ | CompTIA

SecurityX (formerly CASP+) | CompTIA

Certified Ethical Hacker | EC-Council

  • Download conspect training as PDF: CEH - Certified Ethical Hacker v13

    CEH - Certified Ethical Hacker v13 training EC-Council

    available training dates
    price from: 2200 EUR
    duration: 5 days
    difficulty level: 3 of 6
    code: ECC-CEH
    version: v13
    2026-01-26 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-01-26 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-16 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-16 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-23 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-23 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-16 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-16 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-18 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-18 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-22 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    EC-Council
    Certified Ethical Hacker
    Security

Advanced WAF (AWAF) | F5

  • Download conspect training as PDF: Configuring BIG-IP F5 Advanced WAF

    Configuring BIG-IP F5 Advanced WAF training F5

    available training dates
    price from: 4300 EUR
    duration: 4 days
    difficulty level: 4 of 6
    code: F5N-AWAF
    version: v17.1
    2026-01-12 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-01-12 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-02 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-02 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-02 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-02 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-31 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-31 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-13 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-13 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-27 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-27 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    F5
    Advanced WAF (AWAF)
    Networking and Wireless
    Security
    Security

Access Policy Manager (APM) | F5

Advanced Firewall Manager (AFM) | F5

FortiGate | Fortinet

FortiAnalyzer | Fortinet

FortiManager | Fortinet

SD-WAN | Fortinet

FortiAuthenticator | Fortinet

FortiWeb | Fortinet

FortiMail | Fortinet

Wireless LAN | Fortinet

Cyber security | ISC2

Microsoft 365 | Microsoft

Security | Microsoft

Pen Testing & Ethical Hacking | Mile2

AI Cybersecurity | Mile2

Cyber Threat Analyst | Mile2

Information Systems Management | Mile2

Incident Handling | Mile2

Web Application Security | Mile2

Cloud Security | Mile2

Forensics | Mile2

Disaster Recovery | Mile2

Healthcare | Mile2

Risk Management | Mile2

Auditing | Mile2

Cyber Range | Mile2

Security Awareness | Mile2

Firewall | Palo Alto Networks

SASE | Palo Alto Networks

LinkProof | Radware

DefensePro | Radware

  • Download conspect training as PDF: 300-101 Radware DefensePro Level 1

    300-101 Radware DefensePro Level 1 training Radware

    available training dates
    price from: 1900 EUR
    duration: 3 days
    difficulty level: 3 of 6
    code: 300-101
    2026-01-07 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-01-07 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-04 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-02-04 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-04 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-03-04 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-01 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-04-01 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-06 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-05-06 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-10 | Kraków / Virtual Classroom HYBRID: hybrid training sign up
    2026-06-10 | Warszawa / Virtual Classroom HYBRID: hybrid training sign up
    Radware
    DefensePro
    Networking and Wireless
    Security
    Security

AppDirector | Radware

Alteon | Radware

Fundamentals | SCADEMY

C# | SCADEMY

C/C++ | SCADEMY

Java | SCADEMY

PHP | SCADEMY

Python | SCADEMY

WEB | SCADEMY

Cloud | SCADEMY

Cryptography | SCADEMY

Finance | SCADEMY

Healthcare | SCADEMY

Telecome | SCADEMY

Software design | SCADEMY

Software testing | SCADEMY

Kubernetes | SUSE

Linux | The Linux Foundation

E-learning | The Linux Foundation

Exam | The Linux Foundation

Contact form

Please fill form below to obtain more info about this training.






* Fields marked with (*) are required !!!

Information on data processing by Compendium - Centrum Edukacyjne Spółka z o.o.

PRICE 1200 EUR

FORM OF TRAINING ?

 

TRAINING MATERIALS ?

 

EXAM ?

 

SELECT TRAINING DATE

  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
  • hybrid training: HYBRID
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
Book a training appointment
close

Traditional training

Sessions organised at Compendium CE are usually held in our locations in Kraków and Warsaw, but also in venues designated by the client. The group participating in training meets at a specific place and specific time with a coach and actively participates in laboratory sessions.

Dlearning training

You may participate from at any place in the world. It is sufficient to have a computer (or, actually a tablet, or smartphone) connected to the Internet. Compendium CE provides each Distance Learning training participant with adequate software enabling connection to the Data Center. For more information, please visit dlearning.eu site

close

Paper materials

Traditional materials: The price includes standard materials issued in the form of paper books, printed or other, depending on the arrangements with the manufacturer.

Electronic materials

Electronic materials: These are electronic training materials that are available to you based on your specific application: Skillpipe, eVantage, etc., or as PDF documents.

Ctab materials

Ctab materials: the price includes ctab tablet and electronic training materials or traditional training materials and supplies provided electronically according to manufacturer's specifications (in PDF or EPUB form). The materials provided are adapted for display on ctab tablets. For more information, check out the ctab website.

Upcoming EC-Council training

Training schedule EC-Council