Network Security & Ethical Hacking
Blue Team Analyst
The Blue Team Analyst (BTL1) program is a 4-month hands-on cybersecurity training course focused on Security Operations Center (SOC) activities and cyber defense. Participants develop practical skills in security monitoring, log analysis, digital forensics, phishing investigation, threat intelligence, incident response, and detection engineering. Through real-world case studies, lab exercises, and simulated SOC environments, learners gain the knowledge required to detect, investigate, and respond to cyber threats while preparing for the Blue Team Level 1 certification exam.
About the course
The Blue Team Analyst (BTL1) program is a practical cybersecurity training course designed for individuals who want to build a career in Security Operations Centers (SOC) and cyber defense. Participants learn security monitoring, log analysis, digital forensics, phishing investigation, threat intelligence, incident response, and detection engineering through hands-on labs and real-world attack scenarios. The program prepares learners for the Blue Team Level 1 (BTL1) certification and entry-level SOC Analyst roles.
What you will learn
Upon successful completion of this program, participants will be able to:
- Monitor and analyze security events using SIEM platforms.
- Investigate Windows and Linux logs to identify suspicious activity.
- Perform endpoint investigations and basic digital forensics analysis.
- Analyze phishing emails, malicious URLs, and suspicious attachments.
- Use threat intelligence and MITRE ATT&CK techniques to support investigations.
- Detect and investigate security incidents across networks and endpoints.
- Create detection rules and reduce false positives in security monitoring tools.
- Conduct end-to-end incident investigations and produce professional security reports.
- Prepare for the Blue Team Level 1 (BTL1) certification exam and entry-level SOC Analyst roles.
Prerequisites
To get the most out of this program, participants should have:
- Basic knowledge of computer systems and operating systems.
- Familiarity with networking fundamentals (IP addressing, DNS, ports, and protocols).
- Basic understanding of cybersecurity concepts and common cyber threats.
- General computer troubleshooting and analytical skills.
- A strong interest in cybersecurity and security operations.
Training program
- Networking basics (IP, DNS, ports), OS basics, logging, SIEM overview, attack lifecycle
- SOC roles, SIEM architecture, log ingestion, log sources
- Event IDs 4624, 4625, 4648 and other Windows logs; log field analysis
- auth.log, syslog, sudo activity, command traces
- Process tree, parent-child relationships
- PowerShell, CMD, Bash, encoded commands
- Artifacts (Windows/Linux), timeline
- Scheduled tasks, autoruns, log deletion
- DNS queries, domain reputation, beaconing
- Email headers, sender analysis
- Obfuscation, malicious documents
- IOC vs TTP, MITRE ATT&CK
- IR lifecycle, triage
- RDP, SMB, credential abuse
- SIEM/XDR rules, FP reduction
- Full simulation
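To show what the "Event ID 4624, 4625" log-analysis module and the "SIEM/XDR rules, FP reduction" module come together as in practice, here is an added example of a small detection rule. It is illustrative code written for this page, not course material or a vendor rule. The events are constructed sample records in a flattened shape that a SIEM might extract from the Windows Security log (event_id, user, ip, logon_type); the 5-failure threshold, 5-minute window, the `KNOWN_SCANNERS` allowlist and all IP addresses and usernames are assumptions chosen for the demonstration.

```python
"""Added example: detect a successful logon (4624) that follows a burst of
failed logons (4625) from the same source IP, with two false-positive
controls: an allowlist for hosts that legitimately fail logons (an
authorised vulnerability scanner, for instance) and a restriction to
network/remote logon types, so console typos (logon type 2) do not count.
All sample data below is constructed; nothing here is real telemetry."""

from collections import defaultdict
from datetime import datetime, timedelta

FAILURE_THRESHOLD = 5            # assumed: failures needed before we care
WINDOW = timedelta(minutes=5)    # assumed: look-back window before the 4624
REMOTE_LOGON_TYPES = {3, 10}     # 3 = network, 10 = RemoteInteractive (RDP)
# Hypothetical allowlist: tuning this set is the FP-reduction step.
KNOWN_SCANNERS = {"198.51.100.5"}


def _ev(time, event_id, user, ip, logon_type=3):
    """Build one flattened event record (constructed sample data)."""
    return {"time": time, "event_id": event_id, "user": user,
            "ip": ip, "logon_type": logon_type}


# Constructed sample events covering four scenarios:
#   203.0.113.10  six failures then success within the window  -> alert
#   198.51.100.5  same pattern, but an allowlisted scanner      -> suppressed
#   10.0.0.7      only two failures then success               -> below threshold
#   10.0.0.9      seven failures spread 3 min apart, then a success;
#                 only two fall inside the 5-minute window      -> no alert
SAMPLE_EVENTS = (
    [_ev(f"2024-05-01T09:00:{s:02d}", 4625, "jsmith", "203.0.113.10") for s in range(1, 7)]
    + [_ev("2024-05-01T09:00:30", 4624, "jsmith", "203.0.113.10")]
    + [_ev(f"2024-05-01T09:10:{s:02d}", 4625, "admin", "198.51.100.5") for s in range(0, 6)]
    + [_ev("2024-05-01T09:10:20", 4624, "admin", "198.51.100.5")]
    + [_ev(f"2024-05-01T09:15:{s:02d}", 4625, "mjones", "10.0.0.7") for s in range(0, 2)]
    + [_ev("2024-05-01T09:15:10", 4624, "mjones", "10.0.0.7")]
    + [_ev(f"2024-05-01T09:{m:02d}:00", 4625, "bkim", "10.0.0.9") for m in range(22, 41, 3)]
    + [_ev("2024-05-01T09:41:00", 4624, "bkim", "10.0.0.9")]
)


def detect_bruteforce_success(events, threshold=FAILURE_THRESHOLD,
                              window=WINDOW, allowlist=KNOWN_SCANNERS):
    """Return (alerts, suppressed).

    An alert fires when a source IP has at least `threshold` 4625 events of a
    remote logon type inside `window` before a 4624, and the 4624 is for a
    user that appeared in those failures. Matches from allowlisted IPs are
    returned separately as `suppressed` so tuning decisions stay auditable.
    """
    ordered = sorted(events, key=lambda e: datetime.fromisoformat(e["time"]))
    failures = defaultdict(list)   # ip -> [(time, user), ...]
    alerts, suppressed = [], []

    for e in ordered:
        t = datetime.fromisoformat(e["time"])
        ip = e["ip"]
        if e["event_id"] == 4625:
            if e["logon_type"] in REMOTE_LOGON_TYPES:
                failures[ip].append((t, e["user"]))
            continue
        if e["event_id"] != 4624:
            continue

        recent = [(ft, u) for ft, u in failures[ip] if t - ft <= window]
        if len(recent) < threshold or e["user"] not in {u for _, u in recent}:
            continue

        match = {
            "ip": ip,
            "user": e["user"],
            "failures": len(recent),
            "first_failure": min(ft for ft, _ in recent).isoformat(),
            "success_time": t.isoformat(),
        }
        (suppressed if ip in allowlist else alerts).append(match)

    return alerts, suppressed


if __name__ == "__main__":
    hits, quiet = detect_bruteforce_success(SAMPLE_EVENTS)
    for a in hits:
        print(f"ALERT  {a['ip']} -> {a['user']}: {a['failures']} failures "
              f"from {a['first_failure']}, success at {a['success_time']}")
    for s in quiet:
        print(f"SUPPRESSED (allowlist) {s['ip']} -> {s['user']}")
```

Running the rule without the allowlist (`allowlist=set()`) turns the scanner match into a second alert, which is exactly the noise the FP-reduction module is about: the logic is the same, only the tuning changes. The window check on the 10.0.0.9 case shows why a raw count of 4625 events per IP is a poor rule on its own; slow, spread-out failures need a different detection than a burst.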