Upskilling Training

SOC (Security Operation Centre) Analyst

A Security Operation Centre (SOC) is a centralized facility within an organization that serves as a dedicated command centre for monitoring, detecting, and responding to cybersecurity incidents in real time. The SOC plays a critical role in an organization's cybersecurity strategy, providing continuous oversight and defence against evolving cyber threats. A well-equipped and well-staffed Security Operation Centre enhances an organization's ability to detect and respond to cyber threats efficiently.

The "Security Operation Centre Analyst" training is a specialised program designed to equip attendees with the knowledge and skills required to become proficient SOC analysts. SOC analysts are cybersecurity professionals responsible for monitoring, detecting, and responding to security incidents within an organization's Security Operation Centre (SOC).

English

Duration 4 days

Participants will be able to learn

Attendees will obtain information about centralized attack correlation systems. They will learn how to centrally collect the logs that accumulate on separate security components, how to monitor attacks conducted from an internal or external network, and how to take the necessary steps against an attack.

Who Should Attend?

  • IT Security Centre Personnel
  • Auditors
  • Defensive Security Consultants
  • Cybersecurity Experts
  • Network Administrators

Course Syllabus

SOC Process

SOC Roles and Responsibilities

SIEM solutions

SIEM Architecture

Introduction to Splunk

Splunk components

Log forwarding and correlation

  • Windows EventLog
  • Linux syslog
  • Security and network products logs
  • Sysmon

Events, Reports, Dashboards, Alerts

Splunk Apps

  • Security Essentials
  • Infosec-App
  • Enterprise Security

SIEM Use-cases and Scenarios

  • Web server attacks
  • Ransomware and Malware

Pre-requisites

  • Familiarity with information system components

Advanced