SOC Level 1 Analyst Training

About This Course

This training aims to equip participants with 24/7 cybersecurity monitoring and incident response competencies.
Participants will gain the ability to detect, analyze, and report security incidents on Windows and Linux systems; and acquire real-world experience through scenario-based exercises.

Who Should Attend?

Students and recent graduates aiming for a career in the IT and cybersecurity sector
Professionals working or aspiring to work in network and system security
Individuals preparing for ethical hacking certifications (CEH / OSCP)
Those seeking roles within SOC and security operations teams

Participant Gains

Detecting and analyzing basic security incidents in Windows and Linux systems
Gaining endpoint and network security monitoring skills
Simple threat detection using OSINT and YARA
Hands-on experience through phishing and malware samples
Performing log correlation and reporting using SIEM and EDR tools
Gaining experience in real-world SOC scenarios
Introduction to incident response and threat hunting processes

Topics

1. Introduction to Cybersecurity

Definition and importance of cybersecurity
Overview of cybersecurity job units
Career insights and opportunities in cybersecurity
In-depth explanation of SOC-related roles

2. Windows & Linux Fundamentals

Basic structure of Windows and Linux operating systems
File and folder management, user and group management
Active Directory and basic OS administration

3. SOC Fundamentals

SOC structure and roles
Threat Intelligence and basic incident response concepts
Digital Forensics & Incident Response (DFIR)
Introduction to malware analysis

4. Cyber Defense and Security Frameworks

Monitoring hashes, IPs, and domains
Understanding attack phases: Cyber Kill Chain
MITRE ATT&CK Framework: TTPs and basic usage

5. Threat Intelligence & OSINT

Fundamentals and concepts of threat intelligence
OSINT techniques: IP analysis and basic investigations
Simple malware detection using YARA rules

6. What is a Log? Log Management

Windows Event Viewer
Sysmon installation
Log analysis (Event Viewer, Sysmon, PowerShell)

7. Phishing Analysis

Detecting and analyzing email threats
Examining email headers, bodies, and delivery paths
Phishing scenarios and practical exercises

8. Endpoint Security Monitoring

Core Windows processes: smss.exe, wininit.exe, svchost.exe, lsass.exe, winlogon.exe, explorer.exe
Basic usage of system and security tools
Event Viewer and critical Event IDs
EDR for endpoint monitoring and incident analysis

9. SIEM (Security Information & Event Management)

SIEM basics: log collection, alerts, and correlation
Using Splunk or Wazuh: data ingestion and dashboard creation
Practical exercises: log correlation, report, and alert management

10. Incident Response and Threat Hunting

Initial incident response and prioritization
Using simple playbooks and workflows
Detecting IOCs (Indicators of Compromise) and mini hunt scenarios

11. SOC Reporting and Communication

Reporting analysis results
Effective communication with management and other teams
Alert management and documentation

12. Cybersecurity Career Planning

CV preparation and interview techniques
Pathways to specialization in cybersecurity
Mentorship support for achieving career goals

Duration / Fee

Total Duration

36 Saat

1 Month (3 Days per Week × 3 Hours)

Training Hours

18:00-21:00

Fee

Detaylı bilgi için arayınız.

Preliminary Information Form