Learn all you need to know to break into the SOC
What you'll learn:
- Understand how to prepare for, detect, and respond to cyber security incidents
- Be able to articulate the primary goals of a security operations center (SOC) and the key enablers of an effective SOC
- Be familiar with the typical on-the-job activities of a SOC analyst on a daily basis. This can be referred to as a day in the life of a SOC analyst.
- Be able to recall and describe each of the five functions of the NIST cybersecurity framework
- Understand the common sources of cyber security events
- Understand cyber security alerts, use cases, and the benefits of using scheduled actionable reports to plug alerting gaps
- Understand and be able to articulate the functions of tier 1, 2 and 3 SOC analysts
- Understand different phases of incident response
- Be very familiar with real world cyber security incident scenarios and appropriate response actions
- Be able to categorize various cyber security vendors in accordance with the security domains addressed by their specific products
Last Updated: March 2021
This course is all about working in a security operations center (SOC). It is designed to produce SOC analysts with an excellent understanding of cyber security essentials, technology solutions, security operations, and incident response. Upon completion, learners will be capable of hitting the ground running from day 1 on the job. Additionally, learners will gain an excellent understanding of the common tools, people, and operational processes and procedures that make a value-delivering SOC function effectively. The door to the SOC is ever revolving; therefore, SOC analysts will always be in high demand. This training is guaranteed to equip learners with everything required to work as an entry-level SOC analyst who will be capable of giving intermediate analysts a run for their money.
The SOC has become one of the most important cyber defense capabilities in enterprise environments today. A key tenet of cyber security is that prevention is ideal, but detection is a must, which means that where you're not able to prevent an adversary from breaching your defensive layers, detecting their presence in your environment in a timely manner is crucial. It is for this reason that organizations are constantly on the hunt for SOC analysts. As of March 2021, there were approximately 2,500 vacant SOC analyst job positions across the United States (source: LinkedIn), which is a clear indication that those with the requisite skill set will always be in a job.
This course covers technology solutions and their respective vendors across multiple cyber defense domains; therefore, learners are going to gain an excellent understanding of the security products that are typically leveraged in enterprise environments, such that they are able to have meaningful conversations with potential employers.
By the time students get to the security operations and incident response section of the course, they will appreciate why it was important to build the necessary foundational knowledge of security technologies. This is because the main tool used in the SOC (i.e. the SIEM) relies on all these other security technologies to deliver value. As a SOC analyst, you want your SIEM tool to give you that much-needed situational awareness of security events that are unfolding on the network; therefore, you need the various sources of security events to push logs to your SIEM tool for analysis, correlation and alerting.
The course is packed with a lot of relevant and realistic information and scenarios, so rest assured that you're going to get the full value for your money!