Key Platforms for Aspiring SOC Analysts

Aug 22, 2024

Cyber Security Hands-On Experience: 10 Essential Platforms for Aspiring SOC Analysts

Introduction

  • Speaker: Stephen, Cyber Security professional with over 5 years in Security Operations.
  • Goal: Provide practical hands-on experience resources for those looking to become SOC analysts.

Importance of Hands-On Experience

  • Many candidates lack hands-on experience.
  • Practical experience is crucial to stand out in the field.

10 Recommended Platforms for Skill Development

1. Cyber Defenders

  • Offers a variety of labs in:
    • Network forensics
    • Endpoint malware analysis
    • Reverse engineering
    • Threat intelligence
  • Free and paid plans available.
  • Useful for building skills, especially during career transitions.

2. Blue Team Level One Labs

  • Provides numerous labs with two training types:
    • Investigations: Browser-based virtual machines.
    • Challenges: Downloadable lab artifacts for local VM use.

3. Let's Defend

  • Simulated SOC environment for practical experience.
  • Features:
    • Alerts to triage and investigate
    • Browser-based virtual machines
    • Quizzes for knowledge assessment.

4. TryHackMe

  • Popular for red teamers, but offers a range of blue team and SOC-related labs.
  • Unique feature: King of the Hill, a multiplayer mode that combines defensive and offensive gameplay.

5. Hack The Box

  • Another popular platform for red teamers with blue team challenges.
  • Notable challenge type: Sherlocks, investigative scenarios set after a compromise has already occurred.

6. RangeForce

  • Provides over 16 hours of free content on:
    • Incident response
    • Reverse engineering
    • Phishing
    • Emerging threats.

7. Ace Responder

  • Offers rich blue team lab content, but most require a subscription.
  • Includes videos that explain how attacks work, beneficial for visual learners.

8. Malware Traffic Analysis

  • Focused on network analysis skills.
  • Maintained by Brad Duncan and updated regularly with new traffic captures.
  • Helps learn to identify and analyze malicious traffic.

9. KC7

  • Free platform that gamifies cybersecurity training.
  • Uses KQL (Kusto Query Language), beneficial for modern SOC environments.

10. Def Box

  • New platform (launched August 2023) for building projects and post-compromise investigations.
  • Features:
    • Pre-configured virtual machines with a built-in SIEM.
    • Generates attack telemetry with a single click.

Conclusion

  • Everyone's learning style varies; choose platforms that suit individual needs.
  • Theoretical knowledge alone is insufficient for SOC roles.
  • Embrace challenges and seek help through resources like write-ups and channel walkthroughs.
  • Encouragement to stay curious and innovative in the learning journey.