Course Overview
This comprehensive course is designed to equip you with the practical skills required to excel in the field. Built by industry experts, it covers everything from fundamentals to advanced concepts through interactive, real-world simulations.
What You'll Learn
- Understand core concepts of SOC Analyst & SIEM Engineering
- Hands-on experience with industry-standard tools
- Real-world scenario simulations and labs
- Preparation for certification exams
Tools Covered
Splunk Enterprise
Elastic SIEM
Wazuh
TheHive
Cortex XSOAR
Suricata
Full Syllabus
Module 1: SOC Architecture & Operations
+
Key Topics
- Tier 1/2/3 Roles
- Incident Triage Workflow
- Metrics and KPIs
- Compliance Requirements
Hands-on Labs
- Ticket Creation and Escalation in TheHive
- Defining SOC SLAs
Module 2: SIEM Fundamentals & Deployment
+
Key Topics
- SIEM Architecture
- Log Ingestion Methods
- Syslog
- Agents vs Agentless
Hands-on Labs
- Deploying Splunk Universal Forwarders
- Configuring Filebeat for Elastic
Module 3: Data Parsing & Normalization
+
Key Topics
- Regex (Regular Expressions)
- Field Extractions
- Common Information Model (CIM)
Hands-on Labs
- Writing Regex to Extract Custom Log Fields
- Mapping Data to Splunk CIM
Module 4: Advanced Log Analysis & Querying
+
Key Topics
- Search Processing Language (SPL)
- Aggregations
- Visualizations and Dashboards
Hands-on Labs
- Building Executive Security Dashboards
- Hunting for Anomalies using SPL
Module 5: Threat Detection Engineering
+
Key Topics
- Use Case Development
- Correlation Rules
- Tuning and False Positives
Hands-on Labs
- Building Brute-Force Alert Rules
- Detecting Pass-the-Hash Attacks
Module 6: Integrating Threat Intelligence
+
Key Topics
- STIX/TAXII
- Integrating MISP
- IoC Matching
Hands-on Labs
- Ingesting Threat Feeds into SIEM
- Alerting on Known Bad IPs
Module 7: Security Orchestration (SOAR)
+
Key Topics
- SOAR Concepts
- Playbooks
- Automated Enrichment
- Automated Containment
Hands-on Labs
- Building a Playbook in Cortex XSOAR
- Automating IP Blocking on Firewalls
Module 8: Incident Handling Scenarios
+
Key Topics
- Ransomware Outbreak
- Insider Threat
- Data Exfiltration
Hands-on Labs
- Full Simulated Incident Response Exercise
- Post-Incident Reporting
Module 9: Hands-on Project - 25 Hours
+
Key Topics
- Application of Learned Concepts
- End-to-End Task Execution
- Problem Solving and Analytical Thinking
- Structured Documentation
Hands-on Labs
- Guided Practical Exercises
- Scenario-Based Labs
- Independent Practice Tasks
Instructors
[Trainers Profile for this training will be updated soon]
Certificate of Completion
FutureCertLabs
Certificate of Completion
This is to proudly certify that
Student Name
has successfully completed the comprehensive training requirements for
SOC Analyst & SIEM Engineering