Investigate critical incidents and apply all the skills needed to be an effective SOC analyst while handling various artefacts.

In this module, you will handle real-world incidents composed of different Tactics, Techniques, and Procedures (TTPs), starting from initial access to data exfiltration. You will learn how to handle different artefacts, including memory dumps, email samples, packet captures, and event logs. Additionally, you will learn how to navigate different data sources ingested in an SIEM and correlate the significant findings to complete the investigation.

Tempest

You are tasked to conduct an investigation from a workstation affected by a full attack chain.

Boogeyman 1

A new threat actor emerges from the wild using the name Boogeyman. Are you afraid of the Boogeyman?

Boogeyman 2

The Boogeyman is back. Are you still afraid of the Boogeyman?

Boogeyman 3

The Boogeyman emerges from the darkness again.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

Hidden Hooks

After years of meticulous development, TryHatMe Studios are on the cusp of releasing their highly an...

Open Door

Our SOC team received a notification from a threat intelligence platform regarding leaked credential...

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.

SOC Level 1 Capstone Challenges