Program Highlights
The SOC (Security Operations Center) Analyst training curriculum has been carefully crafted to provide aspiring and present SOC Analysts with a thorough knowledge of SOC operations and processes. Learn to recognize and respond to information security incidents, create and track security events like alerts, and conduct security investigations. Learn tools like Splunk and Security Onion.
- 40-Hour LIVE Instructor-led Training
- Highly Customized Training
- Hands-on Labs
- Scenario-based Learning on Latest Tools
- Immersive Learning
- Career Guidance and Interview Prep
- Post Training Support
- Access to Recorded Sessions
Learning Schedule
Upcoming classes:
- 01 Feb - 09 Mar | Online | Weekend | 09:00 - 13:00 IST | Batch open
Why Choose Our Corporate Training Solution
- Upskill your team on the latest tech
- Highly customized solutions
- Free Training Needs Analysis
- Skill-specific training delivery
- Secure your organization inside-out
Why Choose 1-on-1 Training
- Get personalized attention
- Customized content
- Learn at your dedicated hour
- Instant clarification of doubt
- Guaranteed to run
InfosecTrain's SOC Analyst training course is created for aspiring and current SOC Analysts who want to learn how to prevent, identify, assess, and respond to cybersecurity threats and incidents. The course is the first level of a two-part series (Level 1 - SOC Analyst and Level 2 - SOC Specialist) and is designed to help you master the trending and in-demand technical skills needed to carry out a wide range of SOC activities.
The course begins with the fundamentals of SOC teams and Blue Team operations architecture before moving on to more advanced topics such as digital forensics, incident response, threat intelligence, and SIEM (Security Information and Event Management) solutions.
This training course also helps participants plan their preparation for the SOC Analyst certification examinations, which are required to obtain the most sought-after position in the SOC team.
Domain 1: Security Terminologies, OS Basics & Network Fundamentals
- Why do we need Security?
- CIA Triad
- Concept of AAA
- Hacking Concepts
- Types of Hackers
- Domains of Security
- Ethical Hacking Phases
- Types of Attacks
- Network Fundamentals
  - NOC vs SOC
  - The OSI Model
  - Network Devices
  - Network Tools – Firewall, IDS, IPS, VPN, Switches, Routers
  - Ports and Services
  - Conducting a Port Scan with Nmap [Practical]
- Windows Operating System Fundamentals [Practical]
  - Investigating the Windows Operating System
  - Windows Event Logs
  - Windows Registry
  - Scheduled Tasks
  - File Analysis
  - Sysinternals Suite
  - Command Prompt
  - Sysmon (System Monitor)
- Linux Operating System Fundamentals [Practical]
  - Linux Directory Services
  - Most Useful Linux Commands in SOC
  - Event Logs in Linux
  - Linux System Services
Domain 2: Blue Team Operations Architecture
- Why do we need SOC?
- What is SOC?
- Functions of SOC
- SOC Models & Types
- SOC Teams & Roles
- Incidents vs Events
- True vs False Incident Categories
- Concept of Logging
  - Local Logging vs Centralized Logging
- Log Management & Log Analysis
  - Log Management Needs
  - Concept of Log Analysis
  - Web Server Logs
  - Firewall Logs
  - SSH Logs
  - Windows Event Logs
  - Using Regex for Log Analysis [Practical]
- SOC Workflow: ITSM Workflow
  - ITSM Tools: ServiceNow, JIRA, BMC, Request Tracker, etc.
Domain 3: SIEM – Nervous System of SOC
- Why do we need SIEM?
- What is SIEM?
- Security Information Management (SIM)
- Security Event Management (SEM)
- SIEM Guidelines and Architecture
- SIEM Capabilities: Aggregation, Correlation, Reporting, Storage, Alerts, etc.
- Using Splunk [Practical]
  - Section Introduction
  - Installing Splunk
  - UI Navigation
  - Search Queries using SPL
  - Creating Alerts & Dashboards
Domain 4: Importance of Threat Intelligence
- What is a Threat?
- Why do we need Intelligence?
- Introduction to Threat Intelligence
- Threats, Threat Actors, APTs & Global Campaigns
- Network Level Threats
- Web App Level Threats
- Host Level Threats
- IoCs vs IoAs vs Precursors
- Traffic Light Protocol (TLP)
- Pyramid of Pain [Practical]
- Collecting Threat Intelligence [Practical]
  - Paid vs Open-Source Intelligence Gathering
- Types of Threat Intelligence
  - Strategic Threat Intelligence
  - Operational Threat Intelligence
  - Tactical Threat Intelligence
  - Technical Threat Intelligence
- Enhanced Detection with Threat Intelligence
- Maltego, MISP, STIX, TAXII, etc. [Practical]
Domain 5: Basics of Incident Response & Forensics
- Forensics Fundamentals
  - File Systems
  - Hard Disk Drive Basics
  - Forensics Process [Practical]
    - Digital Evidence and Handling
    - Order of Volatility
    - Chain of Custody
    - Hashing & Integrity
- Email Forensics
  - How Electronic Mail Works
  - Anatomy of an Email
  - What is Phishing?
  - Types of Phishing
    - Spear Phishing
    - Whaling
    - Impersonation
    - Typosquatting and Homographs
    - Sender Spoofing
    - URL Shortening
    - Business Email Compromise
  - Analysing Phishing Emails [Practical]
    - Analysing Artifacts
    - Red Flags of Phishing Emails
    - URL Reputation
    - File Reputation
    - SPF
    - DKIM
    - DMARC
    - Manual & Automated Analysis
- Incident Response
  - Introduction to Incident Response
    - What is Incident Response?
    - Why is IR Needed?
    - Incident Response Lifecycle – NIST SP 800-61 Rev. 2
    - Incident Response Plan: Preparation, Detection & Analysis, Containment, Eradication, Recovery, Lessons Learned
    - Incident Response and Security Operations Integration
  - Case Study: Cyber Kill Chain in Incident Response
    - Lockheed Martin Cyber Kill Chain
    - What is it, why is it used?
    - Case Study: Monero Crypto-Mining
  - MITRE ATT&CK Framework [Practical]
    - What is it, why is it used?
    - Matrices in MITRE ATT&CK
    - Mapping Data with MITRE ATT&CK
    - Case Study 1: APT3
    - Case Study 2: OilRig
Target Audience
- Technical Support Engineers
- System Administrators
- Security Consultants
- Cyber Security Analysts
- Network Engineers
- Network Architects or Admins
- Security System Engineers
- SOC Analysts (L1 & L2)
- Information Security Researchers
- Entry-level Information Security roles
- Anyone who wants to become a SOC Analyst
Basic knowledge of the following is recommended:
- Networking fundamentals
- OS basics & troubleshooting
- Basics of Information Security
- Basics of the cyber world & security
The course suits beginners or freshers in SOC operations as well as those already working in an Information Security role.
This course is not directly linked to any exam. However, the curriculum provides in-depth training and expertise to help participants pass any SOC exam or interview and become seasoned SOC Analysts.
This SOC Analyst training course allows you to:
- Understand Security Operations Center (SOC) team operations
- Understand Blue Team operations architecture
- Gain in-depth knowledge of digital forensics, threat intelligence, and incident response
- Understand technical strategies, tools, and procedures to safeguard your organization's data
- Understand essential SOC tools like Splunk and Security Onion
- Understand how to recognize threats and implement countermeasures
Your Trusted Instructors: three instructors with 10+, 10+, and 6+ years of experience.
Words Have Power
The SOC instructor is well known all over the social network. I found him initially on YouTube while preparing for ISC2 CC prior to joining my CISSP and was impressed with the way he was delivering the content. His energy was amazing, clear communication was loud and clear. He kept us awake and focused on these long hours the entire session. Well-mannered, friendly, dedicated, and committed trainer. Would love to join any future training at InfosecTrain.
I have learned the most about cyber security (SOC Analyst) from this organization. Our trainer, in particular, has given me the greatest advice and knowledge. Best Regards to the entire InfosecTrain team.
Impressed with the trainer’s details in explanation and his knowledge. He kept the class engaging, and I never felt bored or at a slow pace. He also gave enough time to complete the tasks and check back on the doubts. Thanks for this training.
The trainer has great knowledge about the topic, and he knows what he is teaching us. Kudos to him. Thank you so much InfosecTrain.
It was a great experience, got the opportunity to explore many new things and was able to sort out doubts logically.
It’s a very good and informative session. It is great to have an instructor who keeps inspiring you throughout the course.
Frequently Asked Questions
What is a Security Operations Center (SOC)?
A Security Operations Center (SOC) is an essential component of a data protection and security program that helps lower the risk that information systems face from external and internal threats.
What steps can I take to become a SOC Analyst?
You will need a bachelor's degree in computer science or a related discipline to become a SOC Analyst. Additionally, you must receive sufficient training from a reputable institution to obtain certification and experience. Each company looking to hire a SOC Analyst will have different experience requirements, so build the experience you need.
What skills do you need to work as a SOC Analyst?
You will require the following skills to become a SOC Analyst:
- Programming skills
- Understanding of cybersecurity and information security fundamentals
- Understanding of network security
- Incident handling and documentation
- Ethical hacking skills
Is SOC a viable career option?
SOC Analyst is a job title held by both newcomers and seasoned professionals in the field of information security. It is a great stepping stone to becoming a cybersecurity professional, but it is also challenging.
What do SOC Analysts get paid?
As per Indeed, the typical salary for a SOC Analyst in the United States is $84,601 per year.
What are the tools that a SOC Analyst employs?
- Splunk
- Security Onion
- AlienVault
What is the role of a SOC Analyst?
A SOC Analyst is a member of the cybersecurity team in charge of monitoring and combating threats to a company’s IT infrastructure. They are at the forefront against security threats, and they are responsible for evaluating security systems, discovering and repairing vulnerabilities, and increasing cyber resilience.
What is Security Information and Event Management?
SIEM or Security Information and Event Management is a software system that collects and analyses data from a variety of sources throughout your IT infrastructure.
What is the difference between a NOC and a SOC?
The NOC is in charge of ensuring that corporate infrastructure can support business activities, while the SOC is in charge of safeguarding the company from cyber-attacks that could interrupt those operations.