Curriculum
- 9 Sections
- 124 Lessons
- 52 Weeks
Expand all sectionsCollapse all sections
- Introduction to Cyber Dojo Platform5
- Introduction to Security Operations and Analysis Course1
- Chapter 1: Blue Team Tools and Operations26
- 3.1Chapter Overview2 Minutes
- 3.2Welcome to the Blue Team30 Minutes
- 3.3SOC Overview1 Hour
- 3.4Exercise 1.0: Virtual Machine Setup13 Minutes
- 3.5TryHackMe SOC Level 1 Path Intro7 Minutes
- 3.6TryHackMe Bonus Lab: Junior Security Analyst Intro27 Minutes
- 3.7Defensible Network Concepts46 Minutes
- 3.8Events, Alerts, Anomalies, and Incidents52 Minutes
- 3.9Incident Management Systems1 Hour
- 3.10Exercise 1.1: TheHive Incident Management System24 Minutes
- 3.11TryHackMe Bonus Lab: TheHive Project40 Minutes
- 3.12Threat Intelligence Platforms1 Hour
- 3.13MISP Overview10 Minutes
- 3.14Exercise 1.2: MISP Threat Intelligence Platform29 Minutes
- 3.15TryHackMe Bonus Lab: Intro to Cyber Threat Intel22 Minutes
- 3.16TryHackMe Bonus Lab: Threat Intelligence Tools1 Hour
- 3.17TryHackMe Bonus Lab: OpenCTI46 Minutes
- 3.18TryHackMe Bonus Lab: MISP19 Minutes
- 3.19TryHackMe Bonus Lab: Yara1 Hour
- 3.20SIEM and Automation1 Hour
- 3.21Know Your Enemy51 Minutes
- 3.22Exercise 1.3: SIEM with the Elastic Stack45 Minutes
- 3.23TryHackMe Bonus Lab: Introduction to SIEM40 Minutes
- 3.24Quiz: CTI Analyst1 Day19 Questions
- 3.25TryHackMe Bonus Lab: Friday Overtime19 Minutes
- 3.26TryHackMe Bonus Lab: Trooper18 Minutes
- Chapter 2: Understanding Your Network28
- 4.1Chapter 2 Overview7 Minutes
- 4.2Network Architecture1 Hour
- 4.3Traffic Capture and Analysis41 Minutes
- 4.4Understanding DNS55 Minutes
- 4.5DNS Analysis and Attacks2 Hours
- 4.6Exercise 2.1: Exploring DNS54 Minutes
- 4.7Understanding HTTP47 Minutes
- 4.8TryHackMe Bonus Lab: Web Application Basics40 Minutes
- 4.9HTTP(S) Analysis and Attacks1 Hour
- 4.10Exercise 2.2: HTTP and HTTPS Analysis34 Minutes
- 4.11Understanding SMTP and Email47 Minutes
- 4.12Exercise 2.3: SMTP and Email Analysis1 Hour
- 4.13Additional Network Protocols54 Minutes
- 4.14TryHackMe Bonus Lab: Traffic Analysis Essentials37 Minutes
- 4.15TryHackMe Bonus Lab: Snort1 Hour
- 4.16TryHackMe Bonus Lab: Snort Challenge – The Basics1 Hour
- 4.17TryHackMe Bonus Lab: Snort Challenge – Live Attacks15 Minutes
- 4.18TryHackMe Bonus Lab: NetworkMiner41 Minutes
- 4.19TryHackMe Bonus Lab: Zeek1 Hour
- 4.20Quiz: TryHackMe: Zeek Exercises2 Hours14 Questions
- 4.21TryHackMe Bonus Lab: Zeek Exercises33 Minutes
- 4.22TryHackMe Bonus Lab: Brim43 Minutes
- 4.23Quiz: Masterminds2 Hours23 Questions
- 4.24TryHackMe Bonus Lab: Wireshark: The Basics43 Minutes
- 4.25TryHackMe Bonus Lab: Wireshark: Packet Operations37 Minutes
- 4.26TryHackMe Bonus Lab: Wireshark: Traffic Analysis1 Hour
- 4.27Quiz: Carnage2 Hours19 Questions
- 4.28Quiz: Warzones2 Hours22 Questions
- Chapter 3: Understanding Endpoints, Logs, and Files26
- 5.1Chapter 3 Overview8 Minutes
- 5.2Endpoint Attack Tactics2 Hours
- 5.3Endpoint Defense In Depth2 Hours
- 5.4Bonus Session: LOLBins: The Double-Edged Sword of Cybersecurity and How to Hunt for Them2 Hours
- 5.5TryHackMe Bonus Lab: OpenVAS28 Minutes
- 5.6TryHackMe Bonus Lab: Nessus38 Minutes
- 5.7How Windows Logging Works20 Minutes
- 5.8How Linux Logging Works18 Minutes
- 5.9Interpreting Important Events1 Hour
- 5.10Exercise 3.1: Interpreting Windows Logs1 Hour
- 5.11Bonus Session: Understanding Kerberos and AD Attacks2 Hours
- 5.12Log Collection, Parsing, and Normalization43 Minutes
- 5.13Exercise 3.2: Log Enrichment and Visualization28 Minutes
- 5.14File Contents and Identification37 Minutes
- 5.15Identifying and Handling Suspicious Files1 Hour
- 5.16Exercise 3.3: Malicious File Identification1 Hour
- 5.17TryHackMe Bonus Lab: Intro to Endpoint Security25 Minutes
- 5.18TryHackMe Bonus Lab: Core Windows Processes42 Minutes
- 5.19TryHackMe Bonus Lab: Sysinternals
- 5.20TryHackMe Bonus Lab: Windows Event Logs
- 5.21TryHackMe Bonus Lab: Sysmon
- 5.22TryHackMe Bonus Lab: Osquery: The Basics
- 5.23TryHackMe Bonus Lab: Wazuh
- 5.24Quiz: Endpoint Security Monitoring3 Hours16 Questions
- 5.25TryHackMe Bonus Lab: Monday Monitor
- 5.26TryHackMe Bonus Lab: Retracted
- Chapter 4: Triage and Analysis29
- 6.1Chapter 4 Overview10 Minutes
- 6.2Alert Triage and Prioritization1 Hour
- 6.3Perception, Memory, and Investigation50 Minutes
- 6.4Models and Concepts for Infosec2 Hours
- 6.5Bonus Session: Incident Response Process2 Hours
- 6.6Exercise 4.1: Alert Triage & Prioritization59 Minutes
- 6.7TryHackMe Bonus Lab: Pyramid Of Pain
- 6.8TryHackMe Bonus Lab: Cyber Kill Chain
- 6.9TryHackMe Bonus Lab: Unified Kill Chain
- 6.10TryHackMe Bonus Lab: Diamond Model
- 6.11TryHackMe Bonus Lab: MITRE
- 6.12Quiz: Summit10 Minutes0 Questions
- 6.13TryHackMe Bonus Lab: Summit
- 6.14Quiz: Eviction10 Minutes0 Questions
- 6.15TryHackMe Bonus Lab: Eviction
- 6.16Structure Analytical Techniques1 Hour
- 6.17Analysis Questions and Tactics1 Hour
- 6.18Analysis OPSEC30 Minutes
- 6.19Exercise 4.2: Structured Analysis Challenge
- 6.20Intrusion Discovery
- 6.21Incident Closing and Quality Review
- 6.22Exercise 4.3: Collecting and Documenting Incident Information
- 6.23TryHackMe Bonus Lab: Investigating with ELK 101
- 6.24TryHackMe Bonus Lab: ItsyBitsy
- 6.25TryHackMe Bonus Lab: Splunk: Basics
- 6.26TryHackMe Bonus Lab: Incident handling with Splunk
- 6.27TryHackMe Bonus Lab: Investigating with Splunk
- 6.28Quiz: Benign3 Hours10 Questions
- 6.29TryHackMe Bonus Lab: Benign
- Chapter 5: Continuous Improvement, Analytics, and Automation11
- 7.1Improving Life in the SOC
- 7.2Analytic Features and Enrichment
- 7.3New Analytic Design, Testing, and Sharing
- 7.4Tuning and False Positive Reduction
- 7.5Exercise 5.1: Alert Tuning
- 7.6Automation and Orchestration
- 7.7Improving Operational Efficiency and Workflow
- 7.8Exercise 5.2: Security Automation
- 7.9Containing Identified Intrusions
- 7.10Exercise 5.3: Incident Containment
- 7.11Skill and Career Development
- Final Exam0
- Project: Day in the Life of a SOC Analyst8
- 9.1Background10 Minutes
- 9.2Alert (1): Suspicious Behavior on Corporate Web Server15 Minutes
- 9.3Alert (2): Unauthorized Access and File Exfiltration15 Minutes
- 9.4Alert (3): Possible Malware on Windows Host25 Minutes
- 9.5Alert (4): Possible Malware Detected20 Minutes
- 9.6Alert (5): Phishing Email Campaign5 Minutes
- 9.7Project Rubric15 Minutes
- 9.8Project Details and Submission14 Days
