Course

Certified SOC Analyst - Level 1

Intermediate SIEM monitoring, alert triage.
Get Started
AU
Admin User
Course Instructor
Overview

Over View

Overview

Intermediate level — focuses on SIEM usage and alert triage.

Announcements
forum
Get access
Lessons

SOC Tiers & Alert Lifecycle

Topics:

  • Tier 1 responsibilities

  • Alert queue management

  • Types of alerts (Informational, Low, Medium, High)

  • Types of incidents (Phishing, Malware, Insider threat)

Activities: 0

SIEM Dashboard Navigation & Log Review

Topics:

  • SIEM dashboards overview

  • Event correlation basics

  • Querying logs (KQL-like dummy queries)

  • Identifying suspicious patterns

Activities: 0

Incident Triage & Response Steps

Topics:

  • L1 triage framework

  • How to classify alerts

  • How to validate events

  • Containment recommendations for common threats

Activities: 0

Final L1 Assessment

Topics:

  • Case study 1 (Phishing scenario)

  • Case study 2 (Malware detection)

  • Documentation checklist

Activities: 0