SOC Level 2

Tryhackme Walkthrough

Skills needed as a SOC Analyst career

Security operations
Introductory incident response
Malware analysis
Threat hunting and threat emulation

LEVEL: HARD

SECTION 1 - Log Analysis

Intro to logs
Logs operations
Intro to log analysis

SECTION 2 - Advance Splunk

Splunk: Exploring SPL
Splunk: Setting up a SOC Lab
Splunk: Dashboards and Reports
Splunk: Data Manipulation
Fixit

SECTION 3 - Advanced ELK

Logstash: Data Processing Unit
Custom Alert Rules in Wazuh
Advanced ELK Queries
Slingshot

SECTION 4 - Detection Engineering

Intro to Detection Engineering
Tactical Detection
Threat Intelligence for SOC
Sigma
SigHunt
Aurora EDR
SOAR

SECTION 5 - Threat hunting

Threat hunting: Introduction
Threat hunting: Foothold
Threat hunting: Pivoting
Threat hunting: Endgame
Hunt Me I: Payment Collectors
Hunt Me II: Typo Squatters

SECTION 6 - Threat Emulation

Intro to Threat Emulation
Threat Modelling
Atomic Red Team
CALDERA
Atomic Bird goes Purple #1
Atomic Bird goes Purple #2

SECTION 7 - Incident Respond

Preparation
Identification & Scoping
Threat Intel & Containment
Eradication & Remediation
Lessons Learned
Tasdigrade

SECTION 8 - Malware Analysis

x86 Architecture Overview
x86 Assembly Crash Course
Wndows Internals
Dissecting PE Headers
Basic Static Analysis
MalBuster
Advanced Static Analysis
Basic Dynamic Analysis
Dynamic Analysis: Debugging
Anti-Reverse Engineering
MalDoc: Static Analysis

Page updated

Google Sites

Report abuse