Learning path
SOC Level 1
This path will introduce a wide array of tools and real-life analysis scenarios, enabling you to become a successful Junior Security Analyst.
easy
Learn the skills needed to work as a Junior Security Analyst in a Security Operations Centre.
- Detect and analyse traffic anomalies
- Monitor endpoints for threats
- Utilise SIEM tools to handle incidents
- Investigate forensic artefacts
Certificate of Completion
Complete this learning path to
develop your skills and earn a
certificate of completion.
SAL1 Professional Certification
Get hired with an industry-recognised, practical defensive certification.
Introduction
In the Junior Security Analyst role, you will be a Triage Specialist. You will spend a significant portion of your time triaging or monitoring the event logs and alerts.
The responsibilities of a Junior Security Analyst or Tier 1 SOC Analyst include the following:
- Monitor and investigate alerts (most of the time, it's a 24x7 SOC operations environment)
- Configure and manage security tools
- Develop and implement IDS signatures
- Escalate the security incidents to the Tier 2 and Team Lead if needed
Section 1
Cyber Defence Frameworks
Junior Security Analyst Intro
Pyramid Of Pain 
Cyber Kill Chain 
Unified Kill Chain
Diamond Model
MITRE
Summit
EvictionSection 2
Cyber Threat Intelligence
Intro to Cyber Threat Intel
Threat Intelligence Tools
Yara
OpenCTI
MISP
Friday Overtime
TrooperSection 3
Network Security and Traffic Analysis
Traffic Analysis Essentials
Snort
Snort Challenge - The Basics
Snort Challenge - Live Attacks
NetworkMiner
Zeek
Zeek Exercises
Brim
Wireshark: The Basics
Wireshark: Packet Operations
Wireshark: Traffic Analysis
TShark: The Basics
TShark: CLI Wireshark Features
TShark Challenge I: Teamwork
TShark Challenge II: DirectorySection 4
Endpoint Security Monitoring
Intro to Endpoint Security
Core Windows Processes
Sysinternals
Windows Event Logs
Sysmon
Osquery: The Basics
Wazuh
Monday Monitor
RetractedSection 5
Security Information and Event Management
Introduction to SIEM
Elastic Stack: The Basics
ItsyBitsy
Splunk: The Basics
Incident handling with Splunk
Investigating with Splunk
Benign
Introduction to Phishing
Section 6
Digital Forensics and Incident Response
DFIR: An Introduction
Windows Forensics 1
Windows Forensics 2
Linux Forensics
Autopsy
Redline
KAPE
Volatility
Velociraptor
TheHive Project
Intro to Malware Analysis
Unattended
Disgruntled
Critical
Secret RecipeSection 7
Phishing Analysis
Phishing Analysis Fundamentals
Phishing Emails in Action 
Phishing Analysis Tools
Phishing Prevention
The Greenholt Phish
Snapped Phish-ing LineSection 8
SOC Level 1 Capstone Challenges
Tempest
Boogeyman 1
Boogeyman 2
Boogeyman 3
Upload and Conquer
Hidden Hooks
BlackCat