Security - Advanced
Blue Team and SOC Analyst
Train for the defensive side of security. This course walks through detection, SIEM workflows, threat hunting, incident response, foundational forensics, and how a modern SOC operates using real tools and playbooks.
14 lessons - Certificate included - USD 10 (~ARS 10.000)
Course syllabus
1. Blue Team foundations (3 lessons)
- SOC role: functions, tiers, and tooling
- Threat intelligence: sources and practical use
- Defensive frameworks: MITRE ATT&CK and D3FEND
2. SIEM and detection (4 lessons)
- Elastic Stack: ingestion, indexing, and search
- Splunk: SPL queries and security dashboards
- Detection rules: correlation rules and alerts
- Reducing false positives
3. Incident response (3 lessons)
- IR lifecycle: preparation, detection, containment
- Foundational forensics: memory and disk
- Playbooks and runbooks for common incidents
4. Threat hunting (3 lessons)
- Proactive hunting methodology
- Hunting with KQL and SPL
- Indicators of compromise (IOCs) and TTPs
5. Final project (1 lesson)
- Full investigation of a simulated incident
What you will learn
Blue team, SOC operations, Splunk / Elastic, threat hunting, incident response, foundational forensics
Certificate
SOC Analyst Certificate - CumbreAcademy
Ready to start?
Investment: USD 10 (~ARS 10.000)
Want access to every course?
Total Access gives you this course and all the others for $20/month.
This course: USD 10 (~ARS 10.000) - Total Access: $20 USD/month (all courses)