SIEM/SOC Advanced
NS108
This SOC operations course is designed for organizations implementing a SOC and provides full guidance on the skills and procedures needed to operate it. The training gives trainees everything a SOC team needs to keep the adversary out of the enterprise.
NS108 Final Project: write a tool that IR teams can use to identify abnormal pcap files.
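As an added illustration of the kind of tool the final project asks for (this is example code written for this page, not the course's reference solution), the block below parses a classic pcap file with nothing but the standard library, rejects malformed captures (bad magic, unsupported link type, truncated records), and flags any source host that touches many distinct destination ports, a simple scan-like anomaly. The capture it analyzes is constructed inline; the threshold of 10 distinct targets is an assumed, tunable value.

```python
import struct
from collections import defaultdict

LINKTYPE_ETHERNET = 1
SCAN_PORT_THRESHOLD = 10   # assumed tunable value: distinct (dst, port) pairs per source


def _ip(s):
    return bytes(int(o) for o in s.split("."))


def build_pcap(frames):
    """Wrap raw frames in a little-endian classic pcap (v2.4, Ethernet).
    Used only to construct input for this example; not a real capture."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    records = [struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
               for i, f in enumerate(frames)]
    return header + b"".join(records)


def tcp_frame(src, dst, sport, dport, flags=0x02):
    """Minimal Ethernet/IPv4/TCP frame with zeroed checksums (enough for header parsing)."""
    eth = bytes(12) + b"\x08\x00"                                    # zero MACs, EtherType IPv4
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, _ip(src), _ip(dst))
    return eth + ip + tcp


def read_pcap(data):
    """Yield (timestamp, frame) from a classic pcap; raise ValueError on a malformed file."""
    if len(data) < 24:
        raise ValueError("file shorter than pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:                                      # same magic, big-endian writer
        endian = ">"
    else:
        raise ValueError("not a classic pcap (magic 0x%08x)" % magic)
    linktype = struct.unpack(endian + "IHHiIII", data[:24])[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("unsupported link type %d" % linktype)
    off = 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header at offset %d" % off)
        ts_sec, ts_usec, caplen, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        if off + caplen > len(data):
            raise ValueError("truncated packet data at offset %d" % off)
        yield ts_sec + ts_usec / 1e6, data[off:off + caplen]
        off += caplen


def validate_pcap(data):
    """Return None if the capture parses cleanly, otherwise the parse error message."""
    try:
        for _ in read_pcap(data):
            pass
        return None
    except ValueError as e:
        return str(e)


def tcp_tuple(frame):
    """Return (src, dst, sport, dport, flags) for an IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl + 20 or ip[9] != 6:
        return None
    tcp = ip[ihl:]
    sport, dport = struct.unpack("!HH", tcp[:4])
    return (".".join(map(str, ip[12:16])), ".".join(map(str, ip[16:20])), sport, dport, tcp[13])


def analyze_pcap(data):
    """Count packets and flag sources that hit many distinct (dst, port) targets."""
    targets_by_src = defaultdict(set)
    syn_only = defaultdict(int)
    packets = tcp_packets = 0
    for _, frame in read_pcap(data):
        packets += 1
        t = tcp_tuple(frame)
        if t is None:
            continue
        tcp_packets += 1
        src, dst, _, dport, flags = t
        targets_by_src[src].add((dst, dport))
        if (flags & 0x12) == 0x02:                                 # SYN set, ACK clear
            syn_only[src] += 1
    findings = [{"type": "port_scan", "src": s, "distinct_targets": len(tg), "syn_only": syn_only[s]}
                for s, tg in targets_by_src.items() if len(tg) >= SCAN_PORT_THRESHOLD]
    return {"packets": packets, "tcp_packets": tcp_packets, "findings": findings}


def sample_capture():
    """Constructed input: one benign HTTPS handshake plus a 15-port SYN sweep from 10.0.0.5."""
    frames = [tcp_frame("10.0.0.1", "192.0.2.10", 51000, 443, 0x02),
              tcp_frame("192.0.2.10", "10.0.0.1", 443, 51000, 0x12),
              tcp_frame("10.0.0.1", "192.0.2.10", 51000, 443, 0x10)]
    frames += [tcp_frame("10.0.0.5", "10.0.0.9", 40000 + p, p, 0x02) for p in range(1, 16)]
    return build_pcap(frames)


if __name__ == "__main__":
    print(analyze_pcap(sample_capture()))
```

Run it as-is to see the sweep reported; replace `sample_capture()` with `open(path, "rb").read()` to analyze a real file. A pcapng file, or one that fails the magic or truncation checks, is reported as a parse error rather than silently analyzed, which is the first thing an IR tool should tell you about a suspicious capture.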
Scenarios: five | Labs: nine | Hands-on: 85% | Duration: 40

LAB 01: Windows Events
LAB 02: Sysmon Events
LAB 03: Text Manipulation
LAB 04: Working with Tshark
LAB 05: ELK
LAB 06: Registry Analysis
LAB 07: Process Analysis
LAB 08: Advanced Filtering using Zeek
LAB 09: Working with WMI
Scenario: SCCB001
The Rodpicom botnet sends the victim a message with a link to a malicious site that serves downloadable content. The download contained malware that caused CPU overloads at a small advertising company, one of our customers. The company's SOC team has been asked to examine the security logs on the web server for further investigation.
Scenario: SCCB002
In the last few months, multiple groups of attackers have compromised corporate email accounts at various firms using phishing. As part of the security team, we need your help finding leads on the attackers.
Scenario: SCCB003
A former Yahoo employee has pleaded guilty to misusing his access to hack into the accounts of nearly 6,000 Yahoo users. We need your help to investigate the incident.
Scenario: SCCB004
Over the past few months, hundreds of Android users have been complaining about a new piece of mysterious malware. Our company uses Security Onion, and we need your help analyzing the logs it generated from the malware's traffic.
Scenario: SCCB005
The web hosting company Hostinger has suffered a data breach. Using an access token, the attackers infiltrated a SQL database server and found a file holding millions of usernames and hashed passwords. Following the incident, the CEO hired a group of cyber security professionals to work together and close the vulnerability that allowed the attackers to infiltrate the network and steal the file.
To be eligible for the certificate, the student must complete four scenarios (out of five) and submit the project associated with the course.
Score distribution: 60% scenarios + 40% project.
SIEM/SOC Advanced Certification

What our students say
"Learning to identify and protect from cyber-attacks. Great practice."
