Understand how SIEM works and get comfortable creating simple and advanced search queries to look for specific answers from the ingested logs.

This module explores SIEM basics - how logs are ingested and searched over to get the answers and how to identify the anomalies. This module also covers features standard in each SIEM solution, such as timeline, search bar, time filter and how to construct search queries to find anomalous traces. Aspiring security analysts can quickly transfer the knowledge covered in this module into any SIEM solution.

Introduction to SIEM

Learn the fundamentals of SIEM and explore its features and functionality.

Elastic Stack: The Basics

Understand how SOC analysts use the Elastic Stack (ELK) for log investigations.

ItsyBitsy

Put your ELK knowledge together and investigate an incident.

Splunk: The Basics

Understand how SOC analysts use Splunk for log investigations.

Incident Handling With Splunk

Learn to use Splunk for incident handling through interactive scenarios.

Investigating with Splunk

Investigate anomalies using Splunk.

Benign

Challenge room to investigate a compromised host.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

Introduction to Phishing

NEW? START HERE! Learn how to use SOC Simulator by completing your first scenario. Close all True Po...

Need to know

Security Operations & Monitoring

Learn how to configure and utilise tooling to ensure that suspicious activity is quickly identified and dealt within your environment.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.

Security Information and Event Management