CERTIFIED SECURITY OPERATIONS CENTER (SOC) ANALYST

CERTIFIED SECURITY OPERATIONS CENTER (SOC) ANALYST

Summary

Location

Location

Malaysia

Duration

Duration

5 Days
Format

Format

Public Class

Public Class

Unleash Your Potential as a Security Operations Center Analyst

Are you ready to embark on a journey as a Security Operations Center Analyst? If you’re passionate about cybersecurity, this course is your gateway to a dynamic, in-demand career. In a world where digital threats loom large, our Certified Security Operations Center (SOC) Analyst program equips you with the skills and knowledge to safeguard organizations against cyberattacks.

Dive into the World of Cybersecurity

In this 5-day, 35-hour course, we demystify the complex realm of cybersecurity. You’ll gain an in-depth understanding of security threats, attack techniques, and vulnerabilities. We’ll dissect the attacker’s mindset, exploring the cyber kill chain through real-world demonstrations and case studies. Whether you’re an entry-level professional or an experienced SOC enthusiast, we’ll help you grasp these concepts without the burden of technical jargon.

Master the SOC Landscape

The heart of our course lies in unveiling the Security Operations Center (SOC). You’ll delve into SOC processes, technologies, and automation workflows. Discover why SOC v2.0 is transforming the cybersecurity landscape, and learn about the roles and responsibilities that drive its success. We’ll equip you to navigate alerts generated from various sources, from IDS/IPS to EDR, and keep pace with next-generation defense technologies like NGAV, SIEM, EDR, SOAR, and more.

Seamlessly Integrate Threat Intelligence

Lastly, we’ll teach you the art of Threat Intelligence and Threat Hunting. You’ll understand the significance of timely detection and response, reducing the mean time to detect (MTTD) and mean time to respond (MTTR). Uncover the power of Threat Intelligence frameworks and feeds and learn to set up a comprehensive Threat Intelligence platform.

Ready to make a difference in the world of cybersecurity? Join us and unlock your potential as a Security Operations Center Analyst. Don’t just learn; become a guardian of the digital realm, equipped to tackle the ever-evolving landscape of cyber threats. Your journey starts here.

Course Details

Duration: 5 days; / 35 hours; Instructor-led/ remote online training

Audience

  • Cybersecurity Analysts
  • SOC Analysts
  • Network and Security Administrators, Network and Security Engineers, Network Defense Analyst, Network Defense Technicians, Network Security Specialist, Network Security Operator, and any security professional handling network security operations
  • Entry-level cybersecurity professionals

Prerequisites

For all users who use internet, computers, mobile phones and social media. No technical jargons – Suitable for all

Methodology

This program will be conducted with interactive lectures, PowerPoint presentation, discussion and practical exercise.

Course Objectives

  • Gain in-depth knowledge of security threats, attacks, vulnerabilities, attacker’s behaviors, cyber kill chain, SOC processes, procedures, technologies, and automation workflows.
  • Understand the MITRE ATT&CK Framework and Able to identify attacker techniques, tactics, and procedures (TTP) to investigate on indicators of compromise (IOCs) and provide automated / manual responses to eliminate the attack/incident.
  • Understand SOC and its processes, roles, responsibilities and implementation models
  • Able to monitor and work on alerts generated based on various log sources. Ex: IDS/IPS, AV, EDR, Firewall, Network Monitoring applications, etc.
  • Gain in-depth knowledge on all the latest defense technologies that are used in next generation SOC deployments. Ex : NGAV, SIEM, EDR, XDR, SOAR, TI, UEBA, IAM/PAM, etc.
  • Gain knowledge of Incident Response Methodology, processes and in-depth knowledge on how to integrate SOC processes with Incident Response processes and learn how to automate them as a single workflow.
  • Able to understand the concepts of Threat Intelligence and gain in-depth knowledge on how to integrate Threat Intelligence with the SIEM, SOAR, EDR and other SOC technologies to reduce the Mean time to Detect (MTTD) and Mean time to Respond (MTTR)

Outlines

  • Objective: Gain in-depth knowledge of security threats, attacks, vulnerabilities, attacker’s behaviors, and cyber kill chain.
  • Outcome: Attendees will learn in-detail about security threats, attacks, vulnerabilities, attacker’s behaviors, cyber kill chain thru 11 Live Demos and 3 Case Study.
    • What is Security, Vulnerabilities & O-Days, Attack life Cycle, Different Attack Vectors
    • Threats Vs. Risks, Why Perimeter defenses are failing? Why Anti-Virus is not enough?
    • Financial Implications of a Cyber Attack
    • Business Email Compromise (BEC) (Demo)
    • Ransomware (Demo)
    • Advanced Persistent Threat (Demo)
    • File-less Malwares (Demo)
    • Mobile Malwares (Demo)
    • Identity Theft (Demo)
    • Web Data Breach (Demo)
    • Malvertising (Demo)
    • Payment Gateway based attacks (Demo)
    • Social Media based attacks (Demo)
    • Password based attacks (Password Stuffing, Account Takeover, Phishing, etc) (Demo)
    • State sponsored attacks (Case Study)
    • Distributed Denial of Service (Case Study)
    • Insider Threat (Case Study)
  • Objective: Gain in-depth knowledge of SOC processes, procedures, technologies, and automation workflows.
  • Outcome: Attendees will learn in-detail about SOC processes, roles and responsibilities, procedures, technologies, and automation workflows.
    • What is a Security Operations Center and why we need it ?
    • NOC vs. SOC
    • Overview of Continuous Adaptive Risk and Trust Assessment (CARTA)
    • SOC v1.0 vs SOC v2.0
    • SOC v2.0 : Components
    • Security Operations Center roles and responsibilities
    • SOC team roles and responsibilities
    • Challenges of Security Operations Center
    • Measuring the ROI of Security Operations Center
  • Objective: Understand the MITRE ATT&CK Framework and able to identify attacker techniques, tactics, and procedures (TTP) to investigate on indicators of compromise (IOCs) and provide automated / manual responses to eliminate the attack/incident
  • Outcome: Attendees will learn MITRE ATT&CK Framework, will be able to identify attacker techniques, tactics, and procedures (TTP), and investigate on IOCs and provide automated / manual responses to eliminate the attack/incident.
    • What is MITRE ATT&CK Framework?
    • Tactics, Techniques and Procedures (TTP)
    • Indicators of Compromise (IoC) and Indicators of Attack (IoA)
    • Mapping to ATT&CK from Raw Data : 4 Hands-on Labs on Real world attack logs
  • Objective: Gain in-depth knowledge on all the latest defense technologies that are used in next generation SOC deployments. Ex : NGAV, SIEM, EDR, SOAR, TI, UEBA, IAM/PAM, etc.
  • Outcome: Attendees will learn latest defense technologies and its deployments. Ex : NGAV, SIEM, EDR, SOAR, TI, UEBA, IAM/PAM, etc. Attendees will be able to use these technologies on day to day operations.
    • Anti-Virus & Next Generation Anti-Virus (NGAV)
      • How it works and Where is the Gap ?
    • Deep Learning & Machine Learning & Artificial Intelligence
      • Cybersecurity use cases
    • Security Information and Event Management (SIEM)
      • How it Works ?
      • Understanding Logs & Log Correlation
      • SIEM Deployment options
      • Application Level Incident Detection Use Case Examples
      • Network Incident Detection Use Case Examples
      • Host Malware Incident Detection Use Case Examples
      • Understanding why SIEM is not enough and why Noise/False Positives ?
      • Lab / Demo
    • Endpoint Detection and Response (EDR)
      • How it Works ?
      • EDR vs. NGAV
      • Understanding Memory and Process Detection & Mapping
      • What is Managed Detection and Response
      • Understanding various Response actions
      • Lab / Demo
    • Security Orchestration, Automation and Response (SOAR)
      • Alert / Notification Handling Challenges
      • Why SOAR ?
      • Sample Automated Playbooks
      • Lab / Demo
    • Cyber Range
      • Cyber Range Components
      • Cyber Range Simulation Scenarios
    • Data Leakage Prevention (DLP)
    • User Behavior Analytics
    • Identity Management
    • Virtual Dispersive Networking (VDN)
  • Objective: Gain knowledge of Incident Response Methodology, processes and in-depth knowledge on how to integrate SOC processes with Incident Response processes and learn how to automate them as a single workflow.
  • Outcome: Attendees will able to design and implement Incident Response Methodology, processes and integrate SOC processes with Incident Response processes. Attendees will be able to automate IR processes as a single workflow with SOC processes.
    • Introduction to Incident Response
      • Types of Computer Security Incidents
      • Fingerprint of an Incident
      • Incident Categories & Incident Prioritization
      • Why Incident Response?
      • Incident Reporting
    • Incident Response & Handling Methodology
      • Incident Response Plan
      • Incident Response and Handling: Identification, Incident Recording, Initial Response, Communicating the Incident, Containment, Formulating a Response Strategy, Incident Classification, Incident Investigation, Data Collection, Forensic Analysis, Evidence Protection, Systems Recovery, Incident Documentation, Incident Damage and Cost Assessment, Review and Update the Response Plan and Policies
      • Incident Response Checklist and Best Practices
      • CSIRT & its best practices
      • Incident Response Team
      • Incident Tracking and Reporting
      • Incident handling: Real Word examples and exercises on Malware, Web Application attacks, Email attacks and Insider attacks.
  • Objective: Able to understand the concepts of Threat Intelligence and gain in-depth knowledge on how to integrate Threat Intelligence with the SIEM, SOAR, EDR and other SOC technologies to reduce the Mean time to Detect (MTTD) and Mean time to Respond (MTTR).
  • Outcome: Attendees will learn about Threat Intelligence and learn to integrate Threat Intelligence with the SIEM, SOAR, EDR and other SOC technologies and learn to reduce the Mean time to Detect (MTTD) and Mean time to Respond (MTTR). Learn to setup a complete Threat Intelligence Platform.
    • Introduction to Threat Intelligence
      • Understanding Threats, Threat Modeling and Risk
      • What is Threat Intelligence
      • Need for Threat Intelligence
      • Benefits of Threat Intelligence
      • Types of Threat Intelligence
      • Threat Intelligence Life Cycle
      • Sources of Threat Intelligence
      • Technologies contributing to Threat Intelligence ( SIEM, EDR, Log Sources )
      • Incident Response & Threat Intelligence
      • Applications of Threat Intelligence
      • Threat Intelligence Frameworks ( CIF, MISP, TAXII)
      • Role of Threat Intelligence Analyst & Threat Hunters

Role of Threat Intelligence in SOC operations

    • Setting up Threat Intel Framework
      • Enterprise Threat Landscape Mapping
      • Scope & Plan Threat Intel Program
      • Setup Threat Intel Team
      • Threat Intelligence Feeds, Sources & Data Collections
      • Open source Threat Intel Collections (OSINT and more)
      • Dark Web Threat Intel Collections
      • SIEM / Log Sources Threat Intel Collections
      • Pubic Web data Threat Intel Collections ( Maltego, OSTrICa, and more)
      • Threat Intel collections with YARA
      • EDR Threat Intel Collections
      • Incorporating Threat Intel into Incident Response
      • Threat Intel & Actionable Contextual Data

MISP Lab

Trainers

Reviews

Interested In

CERTIFIED SECURITY OPERATIONS CENTER (SOC) ANALYST

Starting From
RM5500
Class Type
Private, Public

Why Us

Variety of Courses

Variety of Courses

Customizable Class

Customizable Class

Consultants Facilitate

Consultants Facilitate

HRDF Claimable

HRDF Claimable

Professional Certifications

Professional Certifications

Free Chat to Get Quote

Free Chat to Get Quote

Related Courses

Book Now

Course Name: CERTIFIED SECURITY OPERATIONS CENTER (SOC) ANALYST
Duration: 5 Days
Class Type *
Intake Date *
First Name *
Last Name *
Email *
Contact No. *
Pax *
Total Price: RM
0.00

Enquire Now

Course Name *
Name *
Email *
Contact No. *
Enquiry For
Company Name *
Job Position *
Message *

Download Details

Name *
Email *
Contact No. *