This plan includes
- Limitedfree coursesaccess
- Play & PauseCourse Videos
- VideoRecorded Lectures
- Learn onMobile/PC/Tablet
- Quizzes andReal Projects
- Lifetime CourseCertificate
- Email & ChatSupport
What you'll learn?
- In this course you'll learn Security operations center L1 & L2 with Log integration and finetunning
- You'll learn threat intelligence and Incident response
- from basic networking topics and Ethical hacking topics to understand the attack defense
- become a soc analyst in MSSP environments with splunk enterprise tools
- You'll learn log integration with use case creation and understand the incident triage
- understand Splunk enterprise integration and use cases creation
- SOC local loggining, Indicators of the compromise and log agent integrations
Course Overview
Hi Techies..!
Welcome to the Complete SOC Analyst Course from SiemHunters. This course that has potential to change your Professional life into defense side cyber security domain. this course made from our industrial cyber security expert Mr. Gopi Pakanati and Instructor Ramya Sri Pachala.
In this course content helps to level up your skills in Cyber threats, endpoint protections, Threat Intelligence to become a soc analyst in large MSSP organizations. you will learn ethical hacking topics how to detect modern cyber attacks, and zero-day vulnerabilities.
Course Outline:
Complete Kali Linux Commands-Line: To understand the how attackers execute offensive commands in your infra to gain unauthorized access.
Advanced Cyber Threats: To understand latest threats, and attacks in modern attack surface.
Introduction of SOC: To understand basic terminology of soc and infra
Local Logging & IOC: Understand local log locations in different OS systems and working with event Viewer to understand the windows level logs and events
SIEM Deployment: To understand Splunk enterprise deployment (UF & HF) along with configurations of (inputs, outputs, and transforms files)
SIEM Use-cases: understanding use cases creation of the threats to identify the malicious activity.
SIEM Investigations: Investigate latest threats in web applications, network and endpoint level
Threat Intelligence: Using threat intelligence to gather adversaries tactics, and techniques using operations, tactical, technical, and operations intelligence.
Incident Response: Understanding the IR steps and root cause analysis of the incidents, and eradication process
Qualys Web Application: Working with qualys guard to initiate scans and working with VA (Vulnerability assessments) based Reports
Qualys Guard VM: Working with qualys guard vm to identify the endpoint level threats, working with De-install tasks, and understanding the vulnerability and share the report to the respective teams for resolution,
This Course designed for:
-
who wanted to become a soc analyst in MSSP organizations
-
New fresher graduates in cyber security or other fields
-
who explore cyber security to become a cyber expert
-
Cyber security Analyst
-
Security Analyst
-
Cyber Security Managers
-
Qualys guard VM based reports
-
IT Professionals
All the best techies..!
Pre-requisites
- No requirements. we starts from scratch
- No prior experience needed, You will learn from basic networking to Incident response
Target Audience
- Cyber Security Professionals
- IT Professionals
- Cyber Security Students
- Ethical Hacker
- SOC Analyst
- SIEM Professionals
- Splunk analyst
- Vulnerability Management
Curriculum 186 Lectures 20:27:19
Section 1 : Complete Kali Linux commands for Secops
- Lecture 2 :
- Users management
- Lecture 3 :
- Directories in Kali Linux
- Lecture 4 :
- Services in Kali Linux
- Lecture 5 :
- Servers in Kali Linux
- Lecture 6 :
- Metasploit Framework
- Lecture 7 :
- Important tools for Security Expert
- Lecture 8 :
- Cat command
- Lecture 9 :
- Cal command
- Lecture 10 :
- cd command
- Lecture 11 :
- cmp diff command
- Lecture 12 :
- cp command
- Lecture 13 :
- egrep command
- Lecture 14 :
- File permissions command
- Lecture 15 :
- find files by names command
- Lecture 16 :
- grep command
- Lecture 17 :
- ls command
- Lecture 18 :
- mkdir command
- Lecture 19 :
- modes command
- Lecture 20 :
- rm command
- Lecture 21 :
- sort command
- Lecture 22 :
- uname command
- Lecture 23 :
- uniq command
- Lecture 24 :
- Who-is-logged command
Section 2 : SOC Fundamentals
- Lecture 1 :
- TCP/IP Model
- Lecture 2 :
- Presentation Layer
- Lecture 3 :
- Transport Layer Protocol (Tcp, UDP, SSL, TLS)
- Lecture 4 :
- Network Layer
- Lecture 5 :
- Physical Layer
- Lecture 6 :
- Data Link Layer
Section 3 : Security Operations and Managements
- Lecture 1 :
- Security Management
- Lecture 2 :
- Capabilities of SOC
- Lecture 3 :
- SOC Workflow
- Lecture 4 :
- Components of SOC
- Lecture 5 :
- Types of SOC Models
- Lecture 6 :
- SOC Vs NOC
- Lecture 7 :
- Security Operations
- Lecture 8 :
- Need of SOC
Section 4 : Understanding Latest common security threats
- Lecture 1 :
- Working with Nessus VA - Vulnerability Assessment
- Lecture 2 :
- Dumping & Cracking SAM hashes to extract plaintext passwords
- Lecture 3 :
- Windows Registry entry monitoring for suspicious activities
- Lecture 4 :
- Startup program monitoring tool
- Lecture 5 :
- Spoofing MAC addresses using SMAC
- Lecture 6 :
- Detecting ARP attacks
- Lecture 7 :
- DOS attack - SYN flood attack using hping3
- Lecture 8 :
- Snort IDS - Detecting intrusions
- Lecture 9 :
- Bypass windows firewall using NMAP evasion techniques
- Lecture 10 :
- Bypassing Firewall rules using HTTP/FTP Tunneling
- Lecture 11 :
- Cracking FTP credentials using Dictionary attack
- Lecture 12 :
- Exploiting parameter tampering and XSS Vulnerabilities
- Lecture 13 :
- Exploiting RCE - Remote code execution vulnerabilities
- Lecture 14 :
- Exploiting LFI&RFI Vulnerabilities
- Lecture 15 :
- Exploiting CSRF attacks
- Lecture 16 :
- Exploiting SQL injection attacks - Practical approach
- Lecture 17 :
- Exploiting MSSQL using webshell to extract databases (Exfiltration)
- Lecture 18 :
- Wireless Packet analysis using Wireshark
- Lecture 19 :
- Cryptography - Calculate the hashes using the Hashcalc
- Lecture 20 :
- Cryptography - calculate the hashes using MD5 hash calculator
- Lecture 21 :
- Cryptography - Basic Disk encryption using the Veracrypt
Section 5 : MODULE 2 - Understanding Cyber Threats, IoCs, and and Attack Methodology
- Lecture 1 :
- Understanding Cyber Threats
- Lecture 2 :
- Intent-Motive-Goal
- Lecture 3 :
- Tactics-Techniques-Procedures
- Lecture 4 :
- Opportunity-Vulnerability-Weakness
- Lecture 5 :
- Network Level Attacks 1
- Lecture 6 :
- Network Level Attacks - 2
- Lecture 7 :
- Application Level Attacks
- Lecture 8 :
- Host,Application Level Attacks
- Lecture 9 :
- Network,Host,Application Level Attacks
- Lecture 10 :
- Cyber Threat IoCs
- Lecture 11 :
- Malware Threats IOC - 2
- Lecture 12 :
- Hacking Methodologies
- Lecture 13 :
- CSA Brute Force practical
- Lecture 14 :
- CSA Proxy Switcher practical
- Lecture 15 :
- lab 1 - Understanding the Working of SQL Injection Attacks
- Lecture 16 :
- lab 2 - Understanding the Working of XSS Attacks
- Lecture 17 :
- lab 3 - Understanding the Working of Network Scanning Attacks
- Lecture 18 :
- lab 4 - Understanding the Working of Brute Force Attacks
- Lecture 19 :
- lab 5 - Detecting and Analyzing IoCs using Wireshark
Section 6 : Incidents, Events and Local Logging
- Lecture 1 :
- Log, Event and Incident
- Lecture 2 :
- Centralized Logging challenges - 1
- Lecture 3 :
- Centralized Logging challenges - 2
- Lecture 4 :
- Typical Log Sources
- Lecture 5 :
- Need of Log
- Lecture 6 :
- Logging Requirements
- Lecture 7 :
- Typical Log Format
- Lecture 8 :
- Local Logging - 1
- Lecture 9 :
- Local Logging - 2
- Lecture 10 :
- Local Logging - 3
- Lecture 11 :
- Local Logging - 4
- Lecture 12 :
- Local Logging - 5
- Lecture 13 :
- lab 1 - Configuring, Monitoring, and Analyzing Windows Logs
- Lecture 14 :
- lab 2 - Configuring, Monitoring, and Analyzing IIS Logs
- Lecture 15 :
- lab 3 - Configuring, Monitoring, and Analyzing Snort IDS Logs
Section 7 : Incident detection with Security Incident and event Management (Splunk, Alien)
- Lecture 1 :
- Need of SIEM
- Lecture 2 :
- Typical SIEM Capabilities
- Lecture 3 :
- SIEM Architecture and its Components
- Lecture 4 :
- SIEM Solutions
- Lecture 5 :
- SIEM Deployment - 1
- Lecture 6 :
- SIEM Deployment - 2
- Lecture 7 :
- Incident Detection with SIEM and Use Case Examples For Application Level Inciden
- Lecture 8 :
- Use Case Examples For Insider Incident Detection
- Lecture 9 :
- Use Case Examples For Network Level Incident Detection - 1
- Lecture 10 :
- Use Case Examples For Network Level Incident Detection - 2
- Lecture 11 :
- Use Case Examples For Host Level Incident Detection
- Lecture 12 :
- Handling Alert Triaging and Analysis
- Lecture 13 :
- splunk deployment
- Lecture 14 :
- CSA SQL Injection Practical use cases
- Lecture 15 :
- XSS Attack investigation and use cases
- Lecture 16 :
- Working with SPLUNK and SEARCH (SPL Queries)
- Lecture 17 :
- lab 1 - Brute force Alerts: Creating Splunk Use Case for Detection
- Lecture 18 :
- lab 2 - SQL Injection Usecase: Creating Splunk Use Case for Detection
- Lecture 19 :
- Lab 4 Detecting Network Scanning attempts - Use cases for Networking | port scan
- Lecture 20 :
- lab 3 - XSS alerts: Creating Splunk Use Case for Detection - WAF
- Lecture 21 :
- Lab 5 - Monitoring trusted binaries and detecting malicious LoLbins
- Lecture 22 :
- Lab 5 - Host Level Incident Detection: Creating ELK Use Case
Section 8 : MODULE 5 - Enhanced Incident Detection with Threat intelligence
- Lecture 1 :
- Cyber Threat Intelligence (CTI)
- Lecture 2 :
- Types of Threat Intelligence - 1
- Lecture 3 :
- Types of Threat Intelligence - 2
- Lecture 4 :
- Threat Intelligence-driven SOC
- Lecture 5 :
- Benefit of Threat Intelligence to SOC Analyst
- Lecture 6 :
- Threat Intelligence Use Cases for SOC Analyst
- Lecture 7 :
- Integration of Threat Intelligence into SIEM
- Lecture 8 :
- Threat Intelligence Use Cases for Enhanced Incident Response
- Lecture 9 :
- Enhancing Incident Response by Establishing SOPs for Threat Intelligence
- Lecture 10 :
- lab 1 - Enhanced Incident Detection with Threat Intelligence
- Lecture 11 :
- lab 2 - Integrating OTX Threat Data in OSSIM
Section 9 : L3 - Incident Response
- Lecture 1 :
- Incident response
- Lecture 2 :
- SOC and IRT Collaboration
- Lecture 3 :
- Incident Response (IR) Process Overview - 1
- Lecture 4 :
- Incident Response (IR) Process Overview - 2
- Lecture 5 :
- Incident Response (IR) Process Overview - 3
- Lecture 6 :
- Incident Response (IR) Process Overview - 4
- Lecture 7 :
- Incident Response (IR) Process Overview - 5
- Lecture 8 :
- Responding to Network Security Incidents
- Lecture 9 :
- Responding to Application Security Incidents
- Lecture 10 :
- Responding to Email Security Incidents
- Lecture 11 :
- Responding to an Insider Incidents
- Lecture 12 :
- CSA eradicating SQL and XSS Injection Practical
- Lecture 13 :
- lab 2 - Generating Tickets for Incidents
- Lecture 14 :
- lab 3 - Eradicating SQL Injection and XSS Incidents
- Lecture 15 :
- lab 4 - Recovering from Data Loss Incidents
- Lecture 16 :
- lab 5 - Creating Incident Reports using OSSIM
Section 10 : Qualys Cloud Agent and Qualys VMDR
- Lecture 1 :
- Lab 1 - Cloud Agent deployment
- Lecture 2 :
- Lab 2 - Agent Installation Components
- Lecture 3 :
- Lab 3 - Command_Line Installations Windows
- Lecture 4 :
- Lab 4 - Command Line installations - MSI
- Lecture 5 :
- Lab 5 - Validate CA installation & Locate HOST ID
- Lecture 6 :
- Lab 6 - CA Log file & Troubleshoot
- Lecture 7 :
- Lab 7 - Asset Details & Queries
- Lecture 8 :
- Lab 9 - Configuration and Tunning the cloud agent
- Lecture 9 :
- Lab 10 - Scan-On-Demand VMDR
- Lecture 10 :
- Lab 11 - De-Install (Activate, De-activate, Uninstall Agents)
- Lecture 11 :
- Lab 1 - Account Setup & Application
- Lecture 12 :
- Knowledge base & Search Lists
- Lecture 13 :
- Lab 2 - Working with Knowledge base
- Lecture 14 :
- Lab 3 - Working with SeachLists
- Lecture 15 :
- Lab 4 - Working with Asset tags
- Lecture 16 :
- Lab 5 - Working with Asset Search
- Lecture 17 :
- Asset & Asset inventory
- Lecture 18 :
- Asset Groups
- Lecture 19 :
- Asset Tagging
- Lecture 20 :
- Using Asset tags
- Lecture 21 :
- Using Asset groups
- Lecture 22 :
- Lab 6 - Working with Asset groups
- Lecture 23 :
- Scan by Hostname
- Lecture 24 :
- Vulnerability Assessment
- Lecture 25 :
- Benefits of Vulnerability Assessment and Scanning
- Lecture 26 :
- VM Life cycle and Sensors
- Lecture 27 :
- Lab 7 - Working with Vulnerability Assessment
- Lecture 28 :
- Lab 8 - Authentication Records
- Lecture 29 :
- Lab 9 - Launch Scan
- Lecture 30 :
- Scan Configuration
- Lecture 31 :
- Scheduling Assessment Scans
- Lecture 32 :
- View Scan results
- Lecture 33 :
- Lab 10 - Scheduled Scans
- Lecture 34 :
- User management
- Lecture 35 :
- Lab 11 - Creating user account
- Lecture 36 :
- Vulnerabilities Remediation
- Lecture 37 :
- Lab 12 - Assign Vulnerability to User
- Lecture 38 :
- Lab 13 - Ignore Vulnerabilities
- Lecture 39 :
- Lab 14 - Create Remediation Report
- Lecture 40 :
- Report overview
- Lecture 41 :
- Lab 15 - Reporting
- Lecture 42 :
- Lab 16 - Scheduled Reports
- Lecture 43 :
- Lab 17 - Custom Report templates
- Lecture 44 :
- Windows Defender protection
Our learners work at
Frequently Asked Questions
How do i access the course after purchase?
It's simple. When you sign up, you'll immediately have unlimited viewing of thousands of expert courses, paths to guide your learning, tools to measure your skills and hands-on resources like exercise files. There’s no limit on what you can learn and you can cancel at any time.Are these video based online self-learning courses?
Yes. All of the courses comes with online video based lectures created by certified instructors. Instructors have crafted these courses with a blend of high quality interactive videos, lectures, quizzes & real world projects to give you an indepth knowledge about the topic.Can i play & pause the course as per my convenience?
Yes absolutely & thats one of the advantage of self-paced courses. You can anytime pause or resume the course & come back & forth from one lecture to another lecture, play the videos mulitple times & so on.How do i contact the instructor for any doubts or questions?
Most of these courses have general questions & answers already covered within the course lectures. However, if you need any further help from the instructor, you can use the inbuilt Chat with Instructor option to send a message to an instructor & they will reply you within 24 hours. You can ask as many questions as you want.Do i need a pc to access the course or can i do it on mobile & tablet as well?
Brilliant question? Isn't it? You can access the courses on any device like PC, Mobile, Tablet & even on a smart tv. For mobile & a tablet you can download the Learnfly android or an iOS app. If mobile app is not available in your country, you can access the course directly by visting our website, its fully mobile friendly.Do i get any certificate for the courses?
Yes. Once you complete any course on our platform along with provided assessments by the instructor, you will be eligble to get certificate of course completion.For how long can i access my course on the platform?
You require an active subscription to access courses on our platform. If your subscription is active, you can access any course on our platform with no restrictions.Is there any free trial?
Currently, we do not offer any free trial.Can i cancel anytime?
Yes, you can cancel your subscription at any time. Your subscription will auto-renew until you cancel, but why would you want to?
Instructor
3199 Course Views
4 Courses