Security Operations Centre (SOC) Analyst Programme - Foundation, Investigator and Responder Bundle

Overview

This hands-on SOC Analyst Programme is a purposeful pathway for new Security Analysts, but also provides a platform for re-skilling existing IT teams. The typical ten week programme starts at a foundation level and accelerates at a pace designed to increase both knowledge and confidence of the individual at a sustainable rate. Delegates can attend the entire programme or choose to join one or more of the three SOC Analyst Programme modules - Foundation, Investigator and Responder.

What's Included

The Foundation Programme consists of 4 courses as follows (Weeks 1-3):

Network Security Fundamentals - 3 days

Organisations must consider securing their systems and platforms that are linked across enterprise-wide and virtual private networks, not to mention connected mobile users. In this course, delegates will learn about the fundamental security concepts, security policy management and end-to-end network security. This course helps delegates to analyse the risks to networks and the appropriate countermeasures (firewalls and intrusion detection) to reduce exposure to network attacks and malicious software.

This course provides the essential network security foundation training needed to address the cyber threat lifecycle.

IT Security Fundamentals - 5 days

This 5-day instructor-led course serves as an in-depth introduction to the field of Information Security. It is not aligned to a specific examination or vendor accreditation and therefore the content will be updated on a regular basis.

This course is designed for IT professionals and technical managers who want to understand key IT security issues and how best to address them. The course will also be of benefit to IT systems analysts, designers and software developers.

The course gives delegates extensive hands-on experience with a variety of security software and techniques. The content is vendor-agnostic and focuses on general information security.

CyberSec First Responder - 5 days

This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. The course introduces strategies, frameworks, methodologies, and tools to manage cyber security risks, identify various types of common threats, design and operate secure computing and networking environments, assess and audit the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. The course also covers closely related information assurance topics such as auditing and forensics to provide a sound basis for a comprehensive approach to security aimed toward those on the front lines of defence.

Delegates will be provided with a CyberSec First Responder PearsonVue exam voucher upon successful completion of the five-day course.

Cyber Defender Foundation (CTF Programme Assessment) - 2 days

The cyber defender foundation capture the flag (CTF) has been designed to test and teach those responsible for detecting and defending an organisation against a cyber-attack. The cyber lab offers a safe environment for IT and security teams to develop their cyber defence skills and put them to the test against the clock.

This is not for your elite 'hackathon' champions; this foundation CTF provides a learning platform for your multi-discipline technical teams to work together, collaborating as they would in a real cyber-attack. During the event, challenges are released which require the participants to navigate through systems, seeking vulnerabilities, exploiting, decrypting, whatever it takes to find the flag. Talented individuals working in isolation can't defend an organisation successfully. Learn the necessary cyber defence 'trade craft' skills in our state-of-the-art cyber lab, a fully immersive learning experience, harnessing the talent within your teams to solve the challenges together before you have to do it for real.

The Investigator Programme consists of 5 courses as follows (Weeks 4 - 6):

Introduction to Digital Forensics - 3 Days

Introduction to Digital Forensics is designed to help commercial and government organizations collect, preserve and report on digital artefacts in a way which is suitable for use in investigations. The course covers the broad topics essential to the digital forensics disciplines. It sets out a framework for investigations, covering best practice as described by the National Police Chiefs' Council (NPCC), formerly ACPO, guidelines. Forensic fundamentals will be covered as well as the use of open source forensic tools. The data will then be analysed and an example report produced.

Open Source Intelligence Boot Camp - 5 Days

This Open Source Intelligence (OSINT) & Dark Web boot camp will provide delegates with skills to become efficient and effective at finding those key pieces of intelligence on the Internet and Dark Web. The Dark Web allows criminals and human rights activists alike to avoid the people hunting them. There are a number of key technologies that have allowed the Dark Web to flourish, from the cryptocurrency Bitcoin to software that allows anonymity such as Tor. The Dark Web is at the forefront of criminal innovation, and understanding how it works is the first step in being able to combat the illegal activities that go on there. This boot camp is highly practical, allowing delegates the time to explore and understand some of the hundreds of tools and websites available.

Understanding and Managing the Threat of Malware – 3 Days

This 3-day workshop is designed to give delegates a technical, ‘hands-on’ grounding in understanding and, crucially, analysing modern malware.

This instructor-led event will combine lectures on the types of malware currently in use on the Internet, how that malware is created and distributed, strategies used for infecting victims, and how malware can be detected and removed. The course also contains many hands-on exercises in which delegates will inspect and use different types of malware, create malware infections in a controlled virtual environment and clean malware from computers.

Introduction to Reverse Engineering Malware - 1 Day

This course is a one-day introduction to reverse engineering malware in the Linux environment. Delegates will be guided through the entire process, gaining new skills and experience in reverse engineering malicious software, with an insight into the techniques malware uses to spread, infect other machines and devices, and obfuscate its activity.

Delegates will gain hands-on experience using decompilers, debuggers, network traffic analysis tools, hex editors and memory analysis tools.

This course is aimed at an introductory level to those wishing to learn both the basics and advanced techniques used to reverse engineer software. This course would be ideal for incident responders who want to take a more proactive role in analyzing identified threats.

Threat Hunting (CTF Programme Assessment) - 1 Day

How do you know your organisation has already been compromised?

Most organisations are overwhelmed with alerts and lack the visibility and skills they need to detect and investigate advanced threats. The Threat Hunting course has been designed to test and teach those responsible for detecting and defending against advanced cyber-attacks. Learn to identify indicators, previously undetected vulnerabilities, and suspicious insider or malicious activity on your network. Pinpoint advanced malware, zero-day vulnerabilities and lateral movement within your network. The cyber lab offers a safe environment for IT and security teams to develop their cyber defence skills and put them to the test against the clock.

Learn where to look before, during and after an attack has taken place. Identify the presence of known and unknown vulnerabilities, compromises and threat actors. Discover tools and techniques to support rapid analysis of advanced cyber-attacks.

The Responder Programme consists of 4 courses as follows (Weeks 7 - 10):

Security Operations Centre (SOC) Analyst Foundation - 4 Days

Security operations training to help you respond to security incidents and vulnerabilities. Improve your operational security capability, leverage the security operations centre (SOC) analyst and specialist training techniques used in vulnerability management and security information event management (SIEM) platforms. Understanding the techniques provides a foundation for assessing and managing cyber risk through effective security incident triage. This course provides security operations analysts the foundation training needed to address the cyber threat lifecycle, looking at common and advanced attack vectors, detection, reporting and collaboration and simulated attack.

The Art Of Hacking - 5 Days

This course teaches attendees a wealth of hacking techniques to compromise the security of various operating systems, networking devices and web application components. The course starts from the very basics and gradually builds up to the level where attendees can not only use the tools and techniques to hack various components involved in infrastructure and web hacking, but also walk away with a solid understanding of the concepts on which these tools work. The course comprises 3 days of infrastructure hacking and 2 days of web hacking.

Intrusion Detection and Incident Response - 3 Days

The Intrusion Detection & Incident Response three-day course is designed for security practitioners responsible for responding to security incidents, security triage, security detection, response and remediation.

Simulated Attack and Defence (Cyber Challenge Programme Assessment) - 1 Day

This simulated attack & defence challenge is designed to simulate a wide variety of real-world attacks, testing the delegate's ability under pressure to detect and mitigate live attacks as they happen. Each team is responsible for the security of a network of virtual infrastructure and applications configured like any other online business, where each team must maintain the uptime of their assets and defend them from attack.

During this one-day course delegates will be asked to identify vulnerabilities in a number of compromised systems, patch or mitigate those vulnerabilities, identify malware and other types of backdoors installed by an attacker, and defend their assets in an attack/defend type scenario.