We see that the need for SOC analysts is constantly increasing in the growing defensive security industry.
General skills that a successful security analyst should have are as follows:
- NetFlow analysis
- Threat Intelligence
- Log Analysis
- Network Monitoring
- Network Security
We’ve gathered free and paid resources that you can use to improve these skills. If there is any resource you want to add to the list, please send an e-mail to [email protected]
Practice
- DetectionLab (Free)
- LetsDefend.io (Free/Paid – Blue team training)
- DetectionLabELK (Free)
Log Analysis
- malware-traffic-analysis (Free)
- Practical Packet Analysis by Chris Sanders (Book)
- Logging and Log Management by Anton A. Chuvakin, Kevin J. Schmidt (Book)
- Sigma (Tool)
- SysmonSearch (Tool)
Network Monitoring
- Applied Network Security Monitoring: Collection, Detection, and Analysis (Book)
- Open Security Training
- SANS Reading Room
Linux Distributions
- Security Onion
- The Appliance for Digital Investigation and Analysis (ADIA) https://forensics.cert.org/#ADIA
- SANS Investigative Forensic Toolkit (SIFT) Workstation
Memory Analysis Tools
Professional Training
- FOR578: Cyber Threat Intelligence (Paid)
- SEC511: Continuous Monitoring & Security Operations (Paid)
- SEC445: SIEM Design & Implementation (Paid)
- AEGIS Certification (Paid)
Conferences
- Virus Bulletin
- SANS Blue Team Summit
- Blueteamcon
In the meantime, we have developed a cloud-based application so that you can acquire all these skills. You can start practicing as a member, without any setup. Visit “app.letsdefend.io” to create an account.