Modern Security Operations Center (SOC) Training

Defend, detect, and dominate: learn to build a Security Operations Center strong enough to outsmart any threat.

(SEC-OPS.AP1) / ISBN: 978-1-64459-544-2

This course includes:

  • Interactive Lessons
  • Gamified TestPrep
  • Hands-On Labs
  • AI Tutor (Add-on)

About This Course

Our security operations center (SOC) course takes you through every stage of SOC development. From the basics of cyber threats and security tools to advanced vulnerability management and hands-on threat hunting, you'll learn to build, monitor, and defend a SOC.

You'll also explore the core SOC services, fine-tune your incident response skills, and work through real-world labs to analyze, secure, and automate.

Along the way you'll develop threat intelligence that keeps your security tight and attackers scrambling.

Skills You’ll Get

  • Analyze cyber threats and vulnerabilities
  • Develop and design a high-functioning Security Operations Center (SOC)
  • Implement security procedures and disaster recovery plans
  • Evaluate and apply SOC maturity models for ongoing improvement
  • Plan and structure SOC services to support organizational needs
  • Identify and manage risk with effective risk management techniques
  • Conduct vulnerability assessments and compliance checks
  • Perform digital forensics to trace and respond to security incidents
  • Utilize tools like SIEM, Ansible, and Nmap for security automation
  • Coordinate threat intelligence collection and processing
  • Execute incident response with structured playbooks
  • Orchestrate data flows and responses for better threat visibility
  • Apply policies, frameworks, and standards to exceed compliance
  • Integrate machine learning and automation into SOC operations
  • Train in threat hunting, vulnerability management, and data orchestration

Interactive Lessons

1. Preface

  • Vision
  • Who Should Read This Course?
  • How This Course Is Organized
  • Course Structure

2. Introducing Security Operations and the SOC

  • Introducing the SOC
  • Factors Leading to a Dysfunctional SOC
  • Cyberthreats
  • Investing in Security
  • The Impact of a Breach
  • Establishing a Baseline
  • Fundamental Security Capabilities
  • Standards, Guidelines, and Frameworks
  • Industry Threat Models
  • Vulnerabilities and Risk
  • Business Challenges
  • In-House vs. Outsourcing
  • SOC Services
  • SOC Maturity Models
  • SOC Goals Assessment
  • SOC Capabilities Assessment
  • SOC Development Milestones
  • Summary
  • References

3. Developing a Security Operations Center

  • Mission Statement and Scope Statement
  • Developing a SOC
  • SOC Procedures
  • Security Tools
  • Planning a SOC
  • Designing a SOC Facility
  • Network Considerations
  • Disaster Recovery
  • Security Considerations
  • Internal Security Tools
  • Guidelines and Recommendations for Securing Your SOC Network
  • SOC Tools
  • Summary
  • References

4. SOC Services

  • Fundamental SOC Services
  • The Three Pillars of Foundational SOC Support Services
  • SOC Service Areas
  • SOC Service Job Goals
  • Service Maturity: If You Build It, They Will Come
  • SOC Service 1: Risk Management
  • SOC Service 2: Vulnerability Management
  • SOC Service 3: Compliance
  • SOC Service 4: Incident Management
  • SOC Service 5: Analysis
  • SOC Service 6: Digital Forensics
  • SOC Service 7: Situational and Security Awareness
  • SOC Service 8: Research and Development
  • Summary
  • References

5. People and Process

  • Career vs. Job
  • Developing Job Roles
  • SOC Job Roles
  • NICE Cybersecurity Workforce Framework
  • Role Tiers
  • SOC Services and Associated Job Roles
  • Soft Skills
  • Security Clearance Requirements
  • Pre-Interviewing
  • Interviewing
  • Onboarding Employees
  • Managing People
  • Job Retention
  • Training
  • Certifications
  • Evaluating Training Providers
  • Company Culture
  • Summary
  • References

6. Centralizing Data

  • Data in the SOC
  • Data-Focused Assessment
  • Logs
  • Security Information and Event Management
  • Troubleshooting SIEM Logging
  • APIs
  • Big Data
  • Machine Learning
  • Summary
  • References

7. Reducing Risk and Exceeding Compliance

  • Why Exceeding Compliance
  • Policies
  • Launching a New Policy
  • Policy Enforcement
  • Procedures
  • Tabletop Exercise
  • Standards, Guidelines, and Frameworks
  • Audits
  • Assessments
  • Penetration Test
  • Industry Compliance
  • Summary
  • References

8. Threat Intelligence

  • Threat Intelligence Overview
  • Threat Intelligence Categories
  • Threat Intelligence Context
  • Evaluating Threat Intelligence
  • Planning a Threat Intelligence Project
  • Collecting and Processing Intelligence
  • Actionable Intelligence
  • Feedback
  • Summary
  • References

9. Threat Hunting and Incident Response

  • Security Incidents
  • Incident Response Lifecycle
  • Phase 1: Preparation
  • Phase 2: Detection and Analysis
  • Phase 3: Containment, Eradication, and Recovery
  • Digital Forensics
  • Phase 4: Post-Incident Activity
  • Incident Response Guidelines
  • Summary
  • References

10. Vulnerability Management

  • Vulnerability Management
  • Measuring Vulnerabilities
  • Vulnerability Technology
  • Vulnerability Management Service
  • Vulnerability Response
  • Vulnerability Management Process Summarized
  • Summary
  • References

11. Data Orchestration

  • Introduction to Data Orchestration
  • Security Orchestration, Automation, and Response
  • Endpoint Detection and Response
  • Playbooks
  • Automation
  • DevOps Programming
  • DevOps Tools
  • Blueprinting with Osquery
  • Network Programmability
  • Cloud Programmability
  • Summary
  • References

12. Future of the SOC

  • All Eyes on SD-WAN and SASE
  • MPLS Failure!
  • IT Services Provided by the SOC
  • Future of Training
  • Full Automation with Machine Learning
  • Future of Your SOC: Bringing It All Together
  • Summary
  • References

Hands-On Labs

1. Developing a Security Operations Center

  • Using Windows Firewall
  • Configuring a VPN
  • Setting Up a Honeypot
  • Capturing a Packet Using Wireshark
  • Configuring NetFlow
  • Implementing Intrusion Detection System

2. SOC Services

  • Identifying Search Options in Metasploit
  • Searching Exploits Using searchsploit
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Vulnerability Scanning Using OpenVAS
  • Using the SET Tool

3. Centralizing Data

  • Viewing Windows Event Logs
  • Viewing the Syslogs

4. Reducing Risk and Exceeding Compliance

  • Using the Armitage Tool for Intrusion Detection

5. Threat Hunting and Incident Response

  • Observing an MD5-Generated Hash Value
  • Observing an SHA256-Generated Hash Value
  • Analyzing Malicious Activity in Memory Using Volatility
  • Analyzing Forensic Cases with Autopsy
  • Completing the Chain of Custody

6. Vulnerability Management

  • Using Nmap for Network Enumeration
  • Consulting a Vulnerability Database
  • Performing an Intense Scan in Zenmap

7. Data Orchestration

  • Creating an Ansible Configuration File
  • Creating Ansible Roles
  • Using the Ansible Tool
  • Using Osquery to Perform Enhanced Incident Response and Threat Hunting

FAQs

A SOC is a centralized unit where security professionals monitor, detect, and respond to cyber threats to protect an organization’s assets.

The security operations center training course is ideal for IT professionals, aspiring cybersecurity specialists, and anyone interested in learning SOC operations and cybersecurity.

No prior experience is required, though a basic understanding of IT concepts is helpful for students enrolling in this security operations training course.

A Modern SOC uses advanced tools, automation, and proactive threat intelligence, focusing on efficiency and adaptability to handle today’s complex cyber threats.

Yes, you’ll receive a certification to showcase your SOC expertise upon completing the course.
