Introduction

This course provides practical knowledge of the daily roles and responsibilities of a security analyst in any corporation, bridging the gap between theoretical learning and real-world application. It equips you with the skills needed to handle the real-time aspects of cybersecurity, preparing you to work effectively in any organization.

Prerequisites

• Any Bachelor’s degree
• 0 to 3 years of experience in any field
• Fundamentals of Cyber Security (Separate course is offered is you are a newbie for Cybersecurity)
• Learning attitude

Course Duration

• Duration: 2 month (60 hours of training)
• Mode of Training: Classroom and Online

Summary of Learning

1. Understanding Basic Security Concepts

• Overview of fundamental security principles
• Different types of security threats
• Managing and mitigating risks

2. Introduction to Various Attacks and Attack Patterns

• Types of cyber attacks
• Recognizing attack patterns
• Defense strategies

3. Introduction to Security Operation Center (SOC)

• Role and importance of SOC
• SOC structure and functions
• Key components of SOC

4. Understanding Cyber Threats, Risk, and Incident

• Types of cyber threats
• Risk assessment and management
• Incident identification and response

5. Incident, Alert, Event, and Incident Response

• Differentiating incidents, alerts, and events
• Effective incident response strategies
• Real-time incident handling

6. Introduction to SIEM Platform

• Basics of Security Information and Event Management (SIEM)
• Key features and functionalities of SIEM
• SIEM tools overview

7. Onboarding of Log Sources

• Identifying and integrating log sources
• Log management best practices
• Ensuring comprehensive log coverage

8. SIEM as a Solution

• Detailed features of SIEM
• Using SIEM for security monitoring
• Advanced SIEM capabilities
• SOAR
• UEBA
• AI-ML
• IDS
• EDR
• NBAD

9. Introduction to L1 SOC Roles and Responsibilities

• Overview of Level 1 SOC analyst roles
• Daily responsibilities and tasks
• Skills required for L1 SOC analysts

10. Creating a Use Case in SIEM Platform

• Understanding use cases
• Designing effective use cases
• Implementing use cases in SIEM

11. Alert Analysis and Triage (Real Time)

• Analyzing security alerts
• Prioritizing and responding to alerts
• Real-time alert management

12. Creating Dashboards (Custom Dashboards)

• Importance of dashboards in SOC
• Designing custom dashboards
• 5Using dashboards for monitoring and reporting

13. Real-Time Understanding of Various Frameworks such as MITRE ATT&CK®

• Overview of MITRE ATT&CK® framework
• Applying the framework in real-time scenarios
• Enhancing threat detection and response

14. Reporting in SOC

• Effective SOC reporting techniques
• Creating comprehensive security reports
• Communicating findings to stakeholders