
Security Operations Center (SOC) Best Practices
June 21, 2021 @ 1:00 pm - June 22, 2021 @ 5:00 pm
The SOC is the first line of defense. As such, improving its capabilities will directly affect your organization’s ability to respond to threats and incidents. This course will teach students the essential skills they’ll need to excel as SOC analysts. Students will gain first-hand experience working with commonly used tools, processes and data flows. Plus, they’ll explore incident response techniques, threat modeling, and reporting procedures. Since turnover is a common challenge for SOCs, this course will teach techniques to avoid burnout. The workflow automation techniques taught in this course are designed to increase productivity while reducing stress.
This course can be used for continuing education credits with organizations including (ISC)2, EC-Council, CompTIA, PMI, ISACA, and more. It will also prepare students to pursue the CompTIA Cybersecurity Analyst (CySA+) certification.
Course Location
This course is presented in person:
Star Park Training Facility, Multipurpose Room 173
3055 Hunter Rd, San Marcos, TX, 78666
Due to the COVID-19 pandemic, we will be limiting the number of attendees to allow for safe social distancing during each presentation.
Key Features
- Utilize network monitoring and tactical event logging to catch attacks before they become a problem
- Analyze common alert types including DNS, email, and HTTP(S)
- Connect SIEM, threat intelligence platforms, incident management systems, and automation so they work together to provide a painless workflow for analysts
- Identify high-risk alerts and verify them quickly
- Learn how logs are collected across the environment and why parsing, enrichment, and correlation of events in a SIEM matter
- Perform high-quality, bias-free alert analysis and investigation
- Create and tune threat detection analytics to eliminate false positives
Who Should Attend
- Risk Analysts
- Investigators & Responders
- SOC Analysts & Incident Managers
- Security Engineers, Consultants, and Architects
- Cybersecurity Professionals
- Those responsible for protecting information assets
Requirements
A basic understanding of TCP/IP and general operating system fundamentals is needed for this course. Familiarity with the Linux command line, network security monitoring, and SIEM solutions is a bonus. Some basic entry-level security concepts are assumed.
Day 1 Schedule
| Session | Time |
| --- | --- |
| Introduction to SOC Concepts | 09:00a-10:30a |
| Network Monitoring | 11:00a-12:15p |
| SIEM and Threat Intelligence | 01:30p-03:00p |
| Alert Management and Analysis | 03:30p-05:00p |
Day 2 Schedule
| Session | Time |
| --- | --- |
| Log Aggregation | 09:00a-10:30a |
| Threat Detection | 11:00a-12:15p |
| Incident Response | 01:30p-03:00p |
| Capstone Exercise | 03:30p-05:00p |
Course Fee: $1,664.00 per person
Instructor
Francois is a passionate and driven InfoSec professional with over 5 years of experience teaching blue teaming skills to hundreds of students. He has a Master’s degree in Cybersecurity and Information Assurance from WGU and holds numerous industry certifications including A+, Net+, Sec+, Linux+, CySA+, CEH, CHFI, ITILv3, etc. Francois is engaged in the Cybersecurity field and believes that teaching is one way for him to give back to the Cyber Community.
Instructor Statement:
“As someone who has worked and taught SOC Analyst courses to hundreds of students, I thoroughly understand the struggle of starting your first position in Cyberdefense. While there is a seemingly infinite amount of information to learn, there are certain central concepts that, when explained systematically, can greatly shorten the time required to become a productive member of the SOC team. This course is designed to pass this knowledge on to you. While some believe SOC positions can feel like a grind, they do not need to be that way. This course goes beyond technical knowledge to also teach the concepts that, if implemented in your SOC, will keep you and your colleagues challenged, happy, and constantly growing in your day-to-day work!” ~ Francois B. Arthanas
This training is presented as a joint venture between Cyberkraft Training and Direct Line 2 Compliance in cooperation with CIEDAR and Texas State University.