#BLUE: Blue teaming – From 0 to SOC Analyst

This course will show what a day in the life of a SOC analyst looks like, what they need to know, the challenges they face, and what you need to secure your first job in a SOC. 

Participants will learn live how to analyze a detection, what tools are used, and how to eliminate a threat. They will also learn about other roles in the blue team and their purpose within a company.

Why you should attend

Participants in this course will gain all the knowledge needed to work in a Security Operations Center, as well as a detailed perspective on what this involves.

What you will learn

  • SOC – What it is and how it works
  • Examples of blue team roles and their purpose
  • EDR/XDR – What they are and how they work
  • What is SIEM and what is used for
  • Actions you can take in an environment to mitigate a threat
  • How to tell the difference between a false positive detection and a true positive detection
  • What detection signatures are and what to do if a signature generates many false positives
  • Detection Methods (Heuristic-based detection, Signature-based detection, Behavioral detection, Network Detection & Sandbox detection)
  • Tools used for analysis
  • PowerShell & Bash command line usage(Windows & Linux)
  • What is OSQuery and how to use it
  • Networking Basics
  • Types of malware
  • Types of attacks
  • What are Persistence, Privilege Escalation, and Lateral Movement
  • Methods used by attackers to avoid EDR detection
  • What you need to secure your first SOC job.

Who is it for

This course is suited for beginners with or without experience who want to work in a SOC.

Other information & prerequisites

Participants would only need a notebook/laptop for notes. 

Additionally, all the tools presented for analysis can be used directly from a browser.

  • Language: ROMANIAN or ENGLISH
  • Duration: 8 hours
  • Minimum students: 8
  • Date: November 25th
  • Venue: To be announced
  • Price:
    • Before October 28th: 250 EURO + vat
    • After October 28th: 300 EURO + vat

About the trainer

GEORGE SAFTA

MDR Security Analyst at Bitdefender

George is a Blue Team specialist with extensive experience in Security Operations Centers (SOC). His expertise lies in monitoring, detecting, and responding to cyber threats, ensuring robust defense mechanisms are in place to protect organizations from attacks.

FAQs

Q: What happens if there aren’t enough participants?
A: If we do not meet the minimum number of participants, you can either transfer to another workshop and pay or receive a refund for any difference in price, or opt for a full refund. You will be notified in advance and given options to choose what works best for you.

Q: Are food and accommodation included in the price?
A:
The workshop price covers food. However, accommodation is not included, but we can recommend nearby options for your convenience.

Q: Can I get a refund if I can’t attend after registering?
A:
Yes, full refunds are available up to 20 days before the workshop start date. However, if you cancel after that, we can offer only 50% of the price.

Q: How and when will I receive the details about the location and prerequisites?
A:
You will receive an email with all the necessary details, including the workshop location, prerequisites, and schedule, at least one week before the event. If you have any immediate questions, feel free to reach out to us directly.