SOC Immersion Training™

Instruction Level

Our courses are designed to cater to different levels of expertise, ensuring that every learner can find a suitable starting point and grow their skills progressively.

Course Duration

Our flexible training arrangements allow you to learn at your best pace without sacrificing instructional quality.

Course Summary

SOC Immersion Training is a deep dive into Hunt Teaming & Intrusion Analysis. Actions taken by an adversary can generally be defined as a collection of TTPs and Tradecraft Core Concepts (TCCs) used to achieve specific objectives. SOC Immersion Training covers the analysis and detection of both threat actor TTPs and TCCs in depth. This course will identify and explain the critical data points that drive the creation of the forensic artifacts necessary for analysis of TTPs & TCCs.

Course Core Objectives

SOC Immersion Training is designed for intermediate-level cybersecurity and/or hunt team analysts to increase their functional knowledge of analytical thinking & analysis concepts. By using demonstrated real-world attack methodologies in a step-by-step manner, SIT provides analysts with an in-depth understanding of how to analyze attack TTPs, and the ability to construct complex IOCs derived from environment-specific threats and constraints. SOC Immersion Training will accomplish these course goals by providing labs taught from an attack-specific perspective, coupled with well-designed detection & analysis capabilities to produce forensic evidence from multiple emulated advanced adversary attacks.

Course Differentiators

Our team has identified the following key areas you should consider when picking this course or others within the industry.

Cyber Range
A custom range with complete coverage of each of the key data points, giving each student access to a range representative of an enterprise security stack.
Lab Driven
The course is heavily focused on our labs and lab environment. Instruction consists of short blocks of instruction followed by instructor-led demonstrations, then a hands-on student lab.
Tangible Metrics
Students will be able to decrease their mean time to detection and show improvements by determining the difference between their pre- & post-course KPIs.
Personnel
Each course is taught by Red and Blue Team SMEs. This combination provides students with various viewpoints of both the offensive and defensive tradecraft.

Testimonials

Alexander Rymdeko-Harvey
was an excellent insight into the tasks of a SOC. Not only did it have actionable lessons on the tools and techniques needed to run a SOC, but also gave insight on ways to improve the operations of the team.

Skills You Will Obtain

Empower Your Growth: SOC Immersion Training™ can enhance your skills and advance your career.

Layered Analysis Methodology
Capability Mapping
Understanding of security capabilities & analysis methods versus tool usage.
Attack Analysis
Develop analysis skills to better comprehend, synthesize, and leverage data to resolve complex attack scenarios.
IOC Signature Development
Identify and create intelligence requirements for IOCs using threat modeling.
Artifact Identification
Identify artifact and evidence locations to answer critical questions, including application execution, file access, data theft, & attack vectors.

Prerequisites

  • Entry-level knowledge of Windows IT principles
  • Entry-level knowledge of Linux IT principles

Required Materials

  • Student will bring a laptop and charger
  • Student will need a modern Linux, OSX or Windows host
  • Student will **NOT** need virtualization, it will be supplied

Provided Materials

  • Essential cheat sheets for tools and complex analysis tasks
  • VOD (Video-on-Demand) training course access for 180 days following the class
  • Certification of completion

Designed For You

This course is a perfect match for these roles.

  • Security engineers
  • Security analysts
  • Security managers
  • SOC analysts
  • CND analysts
  • HUNT analysts
  • Detection engineers
  • Cyber threat investigators