// BLUE TEAM SECURITY
SOC Analyst Level 1 Labs
// PROGRAM OVERVIEW
Entry-to-intermediate SOC training covering log triage, phishing investigation, SIEM rules, alert tuning, evidence collection, and incident handling.
// LEAD INSTRUCTOR
Michael Carter
Michael Carter teaches practical blue-team workflows from years of cloud incident response, detection engineering, and security operations leadership.
// 4 LABS INCLUDED
SOC Analyst Log Triage Fundamentals
Analyze authentication, endpoint, DNS, and web logs to separate normal activity from suspicious behavior. Students practice alert notes and escalation criteria.
Phishing Investigation and Email Security
Investigate a phishing case using email headers, URLs, attachments, and user reports. Students classify the threat and recommend containment actions.
SIEM Detection Rules and Alert Tuning
Write detection rules, tune false positives, map alerts to MITRE ATT&CK, and build a simple dashboard. Students learn practical SOC engineering habits.
Incident Handling Tabletop and Evidence Collection
Walk through a practical incident workflow: scope, contain, preserve evidence, communicate status, and close with lessons learned.
// GET ACCESS
Group pricing: $179
No registration required to purchase