Autoplay
Autocomplete
Previous Lesson
Complete and Continue
SOC Analyst (Blue Team) Training Course
Section 1: Introduction
1.2.1 IoCs & Pyramid of pain (1:23)
1.2.2 Hash values (1:03)
1.2.2.2 Hash values - Hands-On (1:10)
1.2.2.2 Hash values - Hands-On 2 (1:06)
1.2.3 IP address (0:57)
1.2.4 Domain names (0:56)
1.2.5 Host & Network artifacts (0:21)
1.2.6 Conclusion (0:39)
Section 2: Endpoint Monitoring & Security
2.1.1 A bit about linux (1:50)
2.1.2 Linux Shell (1:02)
2.1.3 Linux command (0:55)
2.1.4 Linux commands (1:30)
2.1.5 Linux commands (2:20)
2.1.9 Linux Common directories & files (1:45)
2.1.2 Linux Shell (1:02)
2.2.1 A Bit about Windows (1:50)
2.2.2 Windows CMD - basics (2:11)
2.2.3 Windows CMD - File System (0:23)
2.2.4 Powershell (1:46)
2.3.1 Endpoint Monitoring (1:48)
2.3.2 Windows Event Logs (1:37)
2.3.3 Windows Event Logs 2 (2:38)
2.3.4 Endpoint Threats (2:18)
2.3.5 Endpoint Security Tools (2:41)
Section 3: Security Information & Event Management
3.1 A Typical Environment (2:07)
3.2 Elastic SIEM (3:45)
3.3 Elastic SIEM Hands-On - Part 1 (12:57)
3.4 Elastic SIEM Hands-On - Part 2 (8:30)
3.5 Elastic SIEM Hands-On - Part 3 (5:36)
3.6 Elastic KQL (7:38)
Section 4: Incident Response
4.1.1 Prioritization (4:21)
4.1.2 Handle an Alert (4:05)
4.1.3 Investigation Lead Questions (2:14)
4.1.4 Depper Analysis (5:09)
4.1.5 Tips (4:11)
4.2.1 NIST Incident Response Process (3:29)
Teach online with
3.1 A Typical Environment
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock