Study sequence
- Month 1: networking, logs, and Windows events
- Month 2: SIEM searches and alert handling
- Month 3: incident timelines and detection engineering
- Month 4+: malware traffic and threat hunting cases
SOC Analyst
For learners targeting SOC, monitoring, and detection jobs. Target role: Blue team entry role. Expected timeline: 3-6 months.
CySA+, SC-200, BTL140+ resourcesDFIR
Portfolio projects
- Alert triage report
- Windows event log timeline
- Sigma or SPL detection rule set
- SIEM dashboard screenshot pack
Matched resources
Security Operations AnalystMicrosoft Learn · Intermediate · FreeBlue Team Labs OnlineBTLO · Intermediate · Free + PaidLetsDefend SOC TrainingLetsDefend · Intermediate · Free + PaidJohn HammondYouTube · Intermediate · Free13CubedYouTube · Intermediate · FreeCyberDefendersPractice platform · Intermediate · Free + Paid