Blue Team Essential

Duration

59 Hours

Category

Black Hat Essentials

About the Course

The Blue Team Essentials playlist is designed for students and cybersecurity professionals looking to kick off their journey in defensive cybersecurity and to transition into the SOC Analyst role.


A SOC analyst (Security Operations Center analyst) is a cybersecurity professional responsible for monitoring and detecting security incidents and threats within an organization’s network infrastructure.


The primary responsibilities of a SOC analyst include monitoring network traffic, analyzing security alerts, identifying potential security incidents, investigating security incidents, and coordinating with other teams to remediate security incidents.


What will you learn?

1. Logging Fundamentals – This is the starting point for any SOC analyst: it is vitally important to understand how logging works on both Windows and Linux. This playlist will introduce you to Windows event logs and logging on Linux, and show you how to analyse and understand logs from various operating systems.


2. ELK Stack Fundamentals – The ELK (Elasticsearch, Logstash and Kibana) stack is a popular open-source software stack used for log management and analysis. This playlist will teach you how to properly install and configure ELK for log management and analysis.


3. Threat & Log Analysis – This playlist is designed to build on the knowledge, skills and abilities covered in the first two playlists, and covers the process of analysing threats, alerts and logs from Windows and Linux systems with popular tools like Velociraptor and Zeek.


4. Network Traffic Analysis – This playlist will introduce you to the fundamentals of performing network traffic analysis with Wireshark and TCPDump. It also covers the process of threat hunting with Arkime.