SOC Analyst Course

Live Virtual Class - Super Intensive Remote Training with Labs!

During this 5-day course, with 35 hours of super intensive training, you will gain crucial cybersecurity knowledge and skills in SOC analytics. Moreover, you will be able to:

    • Get the highest quality and unique learning experience – the class is limited to 10 participants by default.
    • Get the opportunity to interact with our world-renowned Experts.
    • Go through CQURE’s custom lab exercises and practice them after the course.
    • Receive a lifelong certification after completing the course!

(9:00am – 4:00pm CEST Monday to Friday)

€3000 / €3500

Lowest price within 30 days - €3000

Why this course?

This is a 5-day deep dive course on SOC analytics, a must-go for SOC analysts, Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security. It is delivered by one of the best people in the market in the security field and what is more, this is an international Live Virtual Class so you will be able to share the learning experience with a group of IT pros from around the world without leaving your home or office!

Pricing plan

We offer a pricing plan designed and adjusted to your specific needs and budget. Buy now or book your spot and pay later.

Course timeline

  • 1. Before the course

    You will receive a Student Guide with instructions on how to prepare for the training, information regarding all the technical requirements and your own individual login credentials to the virtual environment.

  • 2. During the course

    You will be able to exercise and review all learned content on an ongoing basis.

  • 3. After the course

    You will receive a Certificate of Completion, all the materials created and presented by the trainer, as well as access to our community on the Discord server.

Course benefits

What our lessons look like

Loads of Knowledge

The course is intended for people who want to learn about Microsoft’s cloud environment monitoring tools and framework. At the beginning, you will be introduced to the management of Azure Active Directory, service auditing and logs, roles related to monitoring threats in the cloud, and the implementation of PIM and PAM services.

The next module walks you through the secure score functionality and how to improve it with cloud security configuration best practices, Azure Defender for servers and security standards recommendations.

Implementation workshop

During the course you will be able to configure an environment with EDR enabled, where we will try to attack endpoints and user identity and see how EDR behaves. Then we will go through security operations best practices and write hunting queries. The implemented EDR solution and other components of the security stack will be linked within the Microsoft SIEM, Sentinel, which will allow monitoring and implementation of responses to threats.

Course materials

During the course you will be provided with a bunch of materials such as lab exercises, presentations, intriguing articles and useful tools to make your tasks a little bit easier!

Unique exercises

The exercises are based on O365 and Azure Cloud. This workshop is based on practical knowledge from tons of successful projects, many years of real-world experience and no mercy for misconfigurations or insecure solutions!

Certification

After finishing the course, you will be granted a CQURE Certificate of Completion. Please note that after completing the course you will also be eligible for CPE points!

Course syllabus

This Live Virtual Class consists of 5 modules on SOC analytics. They include essential theory combined with individual practice during the exercises as well as loads of hands-on tools and real-case scenarios.

  • Module 1: Monitoring operations in Azure AD

    • 1. Azure Active Directory Operations and Logs
    • 2. Azure AD Roles
    • 3. Identity Protection – Roles, Review access, alerts, Discovery and Insights
    • 4. How to deal with Audit Log
    • 5. Challenging Azure AD settings in Azure and Office from red team perspective
    • 6. Privileged Identity Management – JITA, Discover and Monitor
    • 7. Office Management API – Logs around Office 365
    • 8. Microsoft Azure Policies – getting started, compliance, remediation, assignments, blueprints.
    • 9. Labs
  • Module 2: Microsoft 365 Security

    • 1. Secure Score and Security Center
    • 2. Best Practices for Improving Your Secure Score
    • 3. Azure Defender for Servers
    • 4. Security Benchmark Policy
    • 5. Labs
    • 6. STIG & CIS – cloud security baseline
  • Module 3: Microsoft 365 Defender for Endpoint – EDR

    • 1. Intro 101 (configuration, device inventory, concept, Report, alerts) and EDR deployment
    • 2. Security Operations best practices with Microsoft EDR
    • 3. How to manage Incidents
    • 4. Kusto language 101 – basic and advanced queries
    • 5. Advanced Hunting
    • 6. Partner & APIs
    • 7. Hacker ways to hide malware and bypass EDR
    • 8. Attacks examples and remediation labs
    • 9. EDR Integration with Microsoft Defender for Identity
    • 10. EDR Integration with Microsoft Defender for Office 365
  • Module 4: eXtended Detection and Response with Sentinel

    • 1. Sentinel 101 - Azure Sentinel Dashboards, Connectors
    • 2. Understanding Normalization in Azure Sentinel
    • 3. Cloud & on-prem architecture
    • 4. Workbooks deep dive - Visualize your security threats and hunts
    • 5. Incidents
    • 6. KQL intro (KQL hands-on lab exercises) and Optimizing Azure Sentinel KQL queries performance
    • 7. Auditing and monitoring your Azure Sentinel workspace
    • 8. Sentinel configuration with Microsoft Cloud stack, EDR and MCAS
    • 9. Fusion ML Detections with Scheduled Analytics Rules
    • 10. Streamlining your SOC Workflow with Automated Notebooks
    • 11. Customizing Azure Sentinel with Python
    • 12. Best Practices for Converting Detection Rules from Splunk, QRadar, and ArcSight to Azure Sentinel Rule
  • Module 5: Microsoft Cloud App Security

    • 1. Intro to MCAS
    • 2. Enabling Secure Remote Work
    • 3. App Discovery and Log Collector Configuration
    • 4. Extending real-time monitoring & controls to any app
    • 5. Connecting 3rd party Applications
    • 6. Automation and integration with Microsoft Flow
    • 7. Conditional Access App Control
    • 8. Threat detection
    • 9. Information Protection
    • 10. Labs: Protect Your Environment Using MCAS
    • 11. DLP in Microsoft stack – how to deploy and monitor using MCAS and Sentinel

Who is it for?

This is an advanced course on SOC analytics for Cybersecurity Specialists.

Audience

SOC analysts, enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security. To attend this training, you should have good hands-on experience in administering Windows infrastructure and basic knowledge of public cloud concepts (Office 365, Azure).

Platform and Technical Requirements

To participate in the course you need a stable internet connection. For the best learning experience we also need you to have a webcam, headphones and a microphone. We will set up a secure Zoom classroom for every day of the course and send you a safe link to join the conference by e-mail.

Exercises

All exercises are based on O365 and Azure Cloud. During the course our finest specialists will use their unique tools, practical exercises and presentation slides with notes.

Certification

What is wonderful about our certification is that it is valid for life with no renewal fees – the technology changes, but fundamentals and attitude remain mostly the same. Our Virtual Certificates, which entitle you to collect CPE Points, are issued via Accredible.

How to persuade your manager that this course is meaningful?

Investing in knowledge is one of the most worthwhile investments, not only for us but also for our environment. Learning new skills and gaining insights into cybersecurity builds awareness and, as a result, may prevent you from falling victim to cyber threats in the future.

Protects the Company

You will be a valuable element of your company’s safety – knowing about potential threats and ways of avoiding them may be incredibly useful in daily company life.

Improves employees’ skills

Not only will your company gain a cybersecurity specialist, but you will also unlock the door to expanding your skills even further.

Boosts customer confidence

A completed course with personal certification may be the perfect advantage when it comes to business.

Helps comply with regulations

Knowledge is power – it can be incredibly helpful in…

Saves money in the long run

Who would want to pay regularly for help in case of an emergency data leakage in a company? It’s much better to educate the employees and prevent any cybersecurity risks.

Prepares for emerging threats

After our course, you will be educated in the possible threats and you will identify any suspicious activity online with ease.

Register now and learn from the best!

During this 5-day course, with 35 hours of super intensive training, you will gain crucial cybersecurity knowledge and skills in SOC analytics. Moreover, you will be able to:

  • Get the highest quality and unique learning experience.
  • Get the opportunity to interact with our world-renowned Experts.
  • Go through CQURE’s custom lab exercises and practice them after the course.

Your experts

This course is delivered by one of the greatest, world-renowned Cybersecurity Experts with practical knowledge from tons of successful projects, many years of real-world experience, great teaching skills and no mercy for misconfigurations or insecure solutions.

Mike Jankowski-Lorek, Ph.D.

Director of Consulting, Cybersecurity Expert, MCT

Cybersecurity Expert, solution architect, consultant, penetration tester, and developer with more than 20 years of experience in the field. Mike holds multiple certifications in security, database and software development. He also holds a Ph.D. in Computer Science.

Piotr Pawlik

Cybersecurity Expert, MCITP, MCTS

System Engineer and Unified Communications Expert. His areas of expertise include Microsoft Private Cloud, Microsoft Public Cloud (Office 365 and Azure), Microsoft Exchange Server 2010/2013, Lync Server 2010/2013, Office Communications Servers and the Windows Server family.
