Alert triage is a complex process that often requires analysts to gather additional information about affected employees or servers. This room explores workbooks designed to streamline alert triage and explains various lookup methods to quickly retrieve user and system context.
Learning Objectives
- Familiarise yourself with investigation workbooks
- Learn where to find and how to use asset inventory in
- Understand the importance of corporate network diagrams
- Practice workflow building inside an interactive interface
Prerequisites
- Complete the L1 Alert Triage and Alert Reporting rooms
- Have practice with investigating common attack chains
- Understand the fundamental networking concepts
- Preferably, be familiar with the concept of playbooks
The SOC Workbooks and Lookups room is only available for premium users.