  • This event has passed.
Oct 19

Security Operations Center (SOC) Best Practices

October 19 @ 1:00 pm - October 20 @ 5:00 pm


The SOC is the first line of defense.  As such, improving its capabilities will directly affect your organization’s ability to respond to threats and incidents. This course will teach students the essential skills they’ll need to excel as SOC analysts.  Students will gain first-hand experience working with commonly used tools, processes and data flows.  Plus, they’ll explore incident response techniques, threat modeling, and reporting procedures.  Since turnover is a common challenge for SOCs, this course will teach techniques to avoid burnout.  The workflow automation techniques taught in this course are designed to increase productivity while reducing stress.

This course can be used for continuing education credits for organizations including (ISC)2, EC-Council, CompTIA, PMI, ISACA, and more.  This course will also prime students to pursue their CompTIA Cybersecurity Analyst (CySA+) certification.

 

Course Location 

This course is presented remotely through Zoom:

 

Key Features

  • Utilize network monitoring and tactical event logging to catch attacks before they become a problem
  • Analyze common alert types including DNS, email, and HTTP(S)
  • Connect SIEM, threat intelligence platforms, incident management systems, and automation so they work together to provide a painless workflow for analysts
  • Identify high-risk alerts and verify them quickly
  • Learn how logs are collected throughout the environment and the importance of parsing, enriching, and correlating events with a SIEM
  • Perform high-quality, bias-free alert analysis and investigation
  • Create and tune threat detection analytics to eliminate false positives

 

Who Should Attend

  • Risk Analysts
  • Investigators & Responders
  • SOC Analysts & Incident Managers
  • Security Engineers, Consultants, and Architects
  • Cybersecurity Professionals
  • Those responsible for protecting information assets

 

Requirements

A basic understanding of TCP/IP and general operating system fundamentals is needed for this course. Familiarity with the Linux command line, network security monitoring, and SIEM solutions is a bonus. Some basic entry-level security concepts are assumed.

 

Day 1 Schedule

Introduction to SOC Concepts 09:00a-10:30a
Network Monitoring 11:00a-12:15p
SIEM and Threat Intelligence 01:30p-03:00p
Alert Management and Analysis 03:30p-05:00p

 

Day 2 Schedule

Log Aggregation 09:00a-10:30a
Threat Detection 11:00a-12:15p
Incident Response 01:30p-03:00p
Capstone Exercise 03:30p-05:00p

 

Course Fee: $1,970.00 per person

 

Instructor

Francois Arthanas

Francois is a passionate and driven InfoSec professional with over 5 years of experience teaching blue teaming skills to hundreds of students. He has a Master’s degree in Cybersecurity and Information Assurance from WGU and holds numerous industry certifications including A+, Net+, Sec+, Linux+, CySA+, CEH, CHFI, ITILv3, etc. Francois is engaged in the Cybersecurity field and believes that teaching is one way for him to give back to the Cyber Community.

 

Instructor Statement:

“As someone who has worked and taught SOC Analyst courses to hundreds of students, I thoroughly understand the struggle of starting your first position in Cyberdefense. While there is a seemingly infinite amount of information to learn, there are certain central concepts that, when explained systematically, can greatly shorten the time required to become a productive member of the SOC team. This course is designed to pass this knowledge on to you. While some believe SOC positions can feel like a grind, they do not need to be that way. This course goes beyond technical knowledge to also teach the concepts that, if implemented in your SOC, will keep you and your colleagues challenged, happy, and constantly growing in your day-to-day work!”  ~ Francois B. Arthanas

 

This training is presented as a joint venture between Cyberkraft Training and Direct Line 2 Compliance in cooperation with CIEDAR and Texas State University.

 


Details

Start:
October 19 @ 1:00 pm
End:
October 20 @ 5:00 pm

Venue

Remote via Zoom
Phone:
(724) 875-5448

Organizer

Cyberkraft
Phone:
(724) 875-5448
Email:
info@cyberkrafttraining.com