SOC analysts need a lot of theoretical and practical knowledge when detecting threats in their work routines. One of the best sources they can obtain this information is books. We will talk about 3 different books in this article: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software Blue Team Field Manual (BTFM) AppliedRead More
In this article, we will be discussing what the certificate is in general, its importance and the certificates in blue team based training programs. A certificate is a document that demonstrates competence in a particular subject. One of the most important elements in certificate programs is the training content. Candidates who want to achieve aRead More
Candidates who want to pursue a career in cyber security should have knowledge of the sub-branch of cyber security that they want to specialize in. In this article, we discuss penetration tester and SOC analyst, two important professions in the industry and explain what employees in both professions do, their daily work routines, what skillsRead More
During the investigation, SOC analysts do a few things at the same time. For instance: checking IP reputation, malware analysis, looking log management etc. And for saving time, they use some security tools. We listed the best tools/services for security analysts can use during the job. Investigation Process Hacker Great tool for monitoring the systemRead More
Recently we heard an exploit about Spring4Shell like everyone else. We quickly built an incident on LetsDefend about it. Now, we are explaining how you can setup up a home lab yourself. Requirements: Vulnerable app Spring4Shell exploit Docker Stages: Build a vulnerable app Preparation for attack Exploitation By the way, we have already built anRead More
The network is a path to target systems for attackers. This path is divided into 2 sections: Paths inside the organization and the interface that faces outside the organization. Network connections between the devices facing the external interface of the institution and network connections of the devices within the institution are critical for attack detectionRead More
SOC analysts obtain information on operating systems and analyze these logs in order to detect an attack and reveal the details about the attack. In this article, we will discuss which operating systems are encountered by SOC analysts and the logs that can be examined through these systems. Operating System Fundamentals for the Analyst WhenRead More
Who is a SOC Analyst? The security operations center (SOC) analyst is a cybersecurity expert responsible for monitoring and responding to threats to an organization’s IT infrastructure. Tier 1 SOC Analyst Core Task The main task of the Tier 1 SOC analyst is monitoring. He/she performs daily monitoring routines during working hours and examines alarmsRead More
In this article, we will talk about what SOC analyst is in general and what skills analyst candidates who want to improve themselves should have. Generally, there is a perception that being a university graduate has to get a degree. University education and having a degree are of course important in the career path. ButRead More
University students may have difficulties in choosing which parts to highlight while preparing their resumes. In this article, we will talk about how a SOC analyst candidate should prepare his/her first resume. I have been working as a SOC analyst, SIEM engineer, and Incident Responder in an enterprise SOC structure environment. So, I have anRead More