0345 4506120

Security Operations Centre (SOC) Analyst Foundation

Security operations training to help you respond to security incidents and vulnerabilities. Improve your operational security capability, leverage the security operations centre (SOC) analyst and specialist training techniques used in vulnerability management and security information event management (SIEM) platforms. Understanding the techniques provides a foundation for assessing and managing cyber risk through effective security incident triage. This course provides security operations analysts the foundation training needed to address the cyber threat lifecycle, looking at common and advanced attack vectors, detection, reporting and collaboration and simulated attack.


Learning Objectives

  • Security Management
  • Incident Response
  • Security Education
  • Security Information Event Management
  • Vulnerability Management
  • Threat Detection
  • Simulated Attack


There are no specific prerequisites for this course, however, participants are expected to have a general understanding of cyber threats and risk management. The course is designed for individuals responsible for defending organisations from cyber attacks.

Course Content

Module 1 - Security Management

  • What is Security Operations
  • Finding the sweet spot
  • Security and Control
  • Security Goals
  • Reliability vs Security
  • Typical Security Flaws

Module 2 - Incident Response & Continuity Management

  • Incident Response vs Business Continuity
  • Incident Response Plans
  • Business Continuity Plans

Module 3 - Security Education

  • Implementing Security Programmes

Module 4 - Security Information Event Management

  • SIEM Processes & Architecture
  • SIEM Features & Functions
  • Security Auditing
  • Event Definition
  • Audit Logs - What to collect from Where
  • Data Analysis

Module 5 - Vulnerability Management

  • Vulnerability Management Process
  • Vulnerability Scanning
  • Remediation & Re-scanning

Module 6 - Threat Detection

  • Intruder Behaviour
  • IDS Systems
  • Anomaly Detection
  • Open Source IDS
  • Honeypots
  • Advanced Threats

Module 7 - Security Assessments

  • Penetration Testing
  • Red Teams
  • Scanning (NMap)
  • Firewall & IDS Evasion
  • Kali Linux
  • Metasploit
  • Meterpreter
  • Hydra
  • Social Engineering Toolkit

Module 8 - Simulated Attack - Defend - Attack

  • Offensive Defence Tradecracft

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accomodation. Please note that virtual courses are attended in real-time, commencing on a specified date.

Virtual Course Dates

Our Customers Include