Security Operations (SOC) 101
Introduction
Course Introduction (8:31)
Prerequisites and Course Resources (5:59)
Course Discord and Support (2:32)
Lab Setup
Installing Oracle VM VirtualBox (4:53)
Installing Windows (12:08)
Configuring Windows (10:51)
Installing Ubuntu (12:35)
Configuring Ubuntu (6:36)
Configuring the Lab Network (5:23)
Security Operations Fundamentals
The SOC and Its Role (18:40)
Day in the Life of a SOC Analyst (9:44)
Information Security Refresher (22:52)
SOC Models, Roles, and Organizational Structures (11:27)
Incident and Event Management (7:26)
SOC Metrics (5:59)
SOC Tools (16:12)
Common Threats and Attacks (16:59)
✏️ Quiz - Security Operations Fundamentals
Phishing Analysis
Introduction to Phishing (14:04)
Email Fundamentals (12:33)
Phishing Analysis Configuration (6:04)
Phishing Attack Types (16:19)
Phishing Attack Techniques (14:58)
Email Analysis Methodology (5:41)
Email Header and Sender Analysis (21:24)
Email Authentication Methods (17:25)
Email Content Analysis (12:49)
The Anatomy of a URL (8:28)
Email URL Analysis (21:51)
Email Attachment Analysis (14:40)
Dynamic Attachment Analysis and Sandboxing (21:17)
Static MalDoc Analysis (6:53)
Static PDF Analysis (10:46)
Automated Email Analysis with PhishTool (6:11)
Reactive Phishing Defense (27:25)
Proactive Phishing Defense (13:18)
Documentation and Reporting (11:51)
🧪 Phishing Analysis Challenge 1
🧪 Phishing Analysis Challenge 2
🧪 Phishing Analysis Challenge 3
Additional Practice (3:55)
✏️ Quiz - Phishing Analysis
Network Security
Introduction to Network Security (4:06)
Network Security Theory (29:57)
Packet Capture and Flow Analysis (11:50)
Introduction to tcpdump (15:33)
tcpdump: Capturing Network Traffic (14:17)
tcpdump: Analyzing Network Traffic (13:45)
tcpdump: Analyzing Network Traffic (Sample 2) (14:47)
🧪 tcpdump Challenge 1
Introduction to Wireshark (15:51)
Wireshark: Capture and Display Filters (11:59)
Wireshark: Statistics (11:57)
Wireshark: Analyzing Network Traffic (19:27)
🧪 Wireshark Challenge 1
Intrusion Detection and Prevention Systems (7:41)
Introduction to Snort (17:37)
Snort: Reading and Writing Rules (24:44)
Snort: Intrusion Detection and Prevention (20:54)
🧪 Snort Challenge 1
Additional Practice (3:12)
✏️ Quiz - Network Security
Endpoint Security
Introduction to Endpoint Security (3:07)
Endpoint Security Controls (13:14)
Creating Our Malware (13:42)
Windows Network Analysis (24:11)
Windows Process Analysis (28:54)
Windows Core Processes (Part 1) (14:52)
Windows Core Processes (Part 2) (17:15)
The Windows Registry (13:51)
Windows Autoruns (Part 1) (13:09)
Windows Autoruns (Part 2) (16:03)
Windows Service Analysis (13:49)
Windows Scheduled Tasks (11:08)
🧪 Windows Endpoint Analysis Challenge 1
Windows Event Logs (25:20)
🧪 Windows Events Challenge 1
Introduction to Sysmon (10:22)
Sysmon Events (29:16)
Linux Network Analysis (16:49)
Linux Process Analysis (25:37)
Linux Cron Jobs (12:56)
🧪 Linux Endpoint Analysis Challenge 1
Introduction to LimaCharlie (6:53)
LimaCharlie: Endpoint Detection and Response (20:21)
LimaCharlie: Deploying Endpoint Agents (17:04)
✏️ Quiz - Endpoint Security
Security Information and Event Management (SIEM)
Introduction to SIEM and Log Management (7:06)
SIEM Architecture (22:26)
SIEM Deployment Models (9:56)
Log Types (11:12)
Log Formats (5:13)
Common Attack Signatures: User Behavior (9:30)
Common Attack Signatures: SQL Injection (6:32)
Common Attack Signatures: Cross-Site Scripting (3:08)
Common Attack Signatures: Command Injection (4:27)
Common Attack Signatures: Path Traversal and Local File Inclusion (4:01)
Command Line Log Analysis (24:45)
Pattern Matching (8:31)
Structured Log Analysis (7:57)
🧪 Log Analysis Challenge 1
Introduction to Splunk (9:13)
Splunk: Initial Walkthrough (7:36)
Splunk: Importing and Exploring Events (24:03)
Splunk: Search Processing Language (SPL) (19:20)
Splunk: Search Commands (16:15)
Splunk: Reports and Alerts (10:16)
Splunk: Creating Dashboards (13:33)
🧪 [Live] Splunk: Website Defacement Investigation (61:04)
🧪 Splunk: Ransomware Challenge
Splunk: Deploying a Forwarder and Generating Real-Time Alerts (15:01)
Section Cleanup
✏️ Quiz - SIEM
Threat Intelligence
Introduction to Threat Intelligence (5:10)
Types of Threat Intelligence (8:14)
The Threat Intelligence Cycle (11:02)
The Diamond Model of Intrusion Analysis (16:05)
The Cyber Kill Chain (16:09)
The Pyramid of Pain (18:14)
MITRE ATT&CK (25:05)
🧪 MITRE ATT&CK Challenge 1
Introduction to YARA (12:48)
YARA: Reading and Writing Rules (Part 1) (19:37)
YARA: Reading and Writing Rules (Part 2) (14:37)
🧪 YARA Challenge 1
Introduction to MISP (Malware Information Sharing Platform) (19:44)
MISP: Event Management (18:59)
MISP: Ingesting Threat Intelligence Feeds (14:48)
✏️ Quiz - Threat Intelligence
Digital Forensics
Introduction to Digital Forensics (7:11)
The Digital Forensics Investigation Process (20:22)
Order of Volatility (19:11)
Chain of Custody (9:40)
Introduction to FTK Imager (20:04)
FTK Imager: Forensic Image Acquisition (14:26)
FTK Imager: Memory Acquisition (12:41)
Common Windows Forensic Artifacts (18:50)
Windows Forensic Artifacts: User and System (19:37)
Windows Forensic Artifacts: Files (16:12)
Windows Forensic Artifacts: Program Execution (13:28)
LNK Files, Prefetch Files, and Jump Lists (25:56)
Windows Forensic Artifact Triage (23:18)
Introduction to Volatility (11:27)
Volatility: Memory Analysis (8:48)
Volatility: Network Memory Analysis (7:12)
Volatility: Process Memory Analysis (17:02)
Volatility: Registry Memory Analysis (9:28)
🧪 Volatility Challenge 1
✏️ Quiz - Digital Forensics
Incident Response
Introduction to Incident Response (9:41)
Incident Response Frameworks (7:31)
Preparation (27:03)
Identification (11:23)
Containment (17:36)
Eradication (11:44)
Recovery (4:00)
Lessons Learned (8:37)
✏️ Quiz - Incident Response
Conclusion
Course Wrap Up (2:27)
Next Steps: Practical SOC Analyst Associate (PSAA)
Introduction to SIEM and Log Management