Course SOC Junior Analyst | CYBER SECURITY duration Online
In today's highly interconnected world, Information Security is an area of expertise that is acquiring more and more importance in business processes and in the world of work.
The experts in Cyber Security (Ethical Hackers and SOC Analysts) are the leading figures in this field. They master the same tools used by hackers and adopt the point of view of an attacker to choose and deploy the right countermeasures for the protection of their systems. This professional figure is therefore a key asset in a company's arsenal to ensure the protection of its know-how and, more generally, of all its sensitive data.
Summary of contents
This basic course, created as part of a broader training path in the field of Cyber Security, is designed for students who already have basic knowledge of network and cyber attack principles according to the OWASP guidelines.
The lectures will take place in a creative environment, with references to the "Old School" underground culture typical of hacking, using a Learn-by-Doing approach. The theory will go hand in hand with a substantial amount of laboratory work, with practical sessions on recognizing and protecting against hackers' attacks, with the aim of speeding up and facilitating the learning of some of the most complex issues.
The laboratory environment gives participants practical experience through the use of leading attack analysis software and the tools that every SOC Analyst needs to know. Students will acquire the knowledge to recognize the main intrusion techniques, as well as to understand which specific measures can be taken to ensure an adequate level of system security.
- Introduction to SOC: In this module the topics addressed are: what is a SOC Analyst, what s/he does, what is his/her role and his/her importance. A division according to prior knowledge will be discussed, if necessary. National legislation in the field of IT security will also be addressed.
- Introduction to SIEM: The second module starts to go deeper into the tools needed by a SOC Analyst. It explains what a SIEM is, which parts it is made of, how log collection works, how logs are aggregated through rules, and how to tune the rules themselves. Examples on both proprietary and Open Source SIEM will be shown.
- Notes on protection devices: Introduction and notes on the main systems used for perimeter or internal security (IDS/IPS), on the operation of the main Host-Based and Network-Based software. The issues related to the difference and usefulness of each tool for the protection and integrity of systems and networks will be addressed.
- Threat intelligence and Hunting: The Threat Intelligence and Hunting section deals specifically with defense tools, the tools available to a SOC analyst, and the correlation of threats through the use of public sources and T.I. tools. It also gives an overview of the main tools used for Threat Intelligence and malware analysis.
- Examples of the most common alerts and their management: Technical module that will address the main types of alerts that can usually be encountered on a SIEM, including their analysis and the preparation of the final report.
- Incident Response: Section dedicated to the main phases of response and management of incidents, with a strong focus on management, taking charge and triage from L1. Notes on L2 and L3 analysis. Example of incident reporting.
Practical sessions: 8 hours, remote.
Details of each teaching unit will be provided during the first session.
The minimum requirements for participation are: a basic knowledge in the use of computers and networks and a strong curiosity for the world of hacking and cyber security, in particular regarding the principles of cyber attacks according to OWASP guidelines.
Equipment and Notes
A solid preparation that will allow you to develop the necessary foundations to operate in the field of Information Security with a SOC Analyst profile.
You will gain practical experience in using the main SIEM software (IBM QRadar, Splunk, ELK) and the most popular tools used by a SOC.
Notebook: 64-bit dual core CPU | 8GB RAM | OS: Windows, GNU/Linux or macOS.
NOTE: Academic hours of 50 minutes.
"One of the best Geeks courses, enriched also by the presence of highly qualified teachers"
"Very prepared, competent and AVAILABLE teachers!"
"The SOC Analyst course of the Geeks Academy gives a comprehensive preparation about the Ethical Hacking training course. The teachers are true experts who have succeeded in the intent to combine the wealth of information with a clear exposition full of real examples. The passion they transmit is so contagious that one would like the course to never end!"