3/21/22
This review will be an ongoing, living review. As I write this review, the platform has jumped to a new interface. Two labs are still “coming soon,” and the estimated date for the exam to be available is at the end of March. I’m doing a “living” review because Blue Team Level 2 has…
Category: SOC analyst

A Puzzle Challenges The Player To Get From A Problem To A Solution
When working with alerts, I notice that analysts sometimes have the immediate reaction to reach out to somebody else to have them answer it. I’ll hear, “Well, I’ll ask this person about that system” or “This person would be a good resource to ask about that traffic.” There’s a time and place for such questions,…

Practical Malware Analysis & Triage – Review
I wanted to do a quick review on this course to give some initial thoughts. I want to say I’m only familiar with Matt Kiely aka HuskyHacks due to his blog for the eCPPT. https://huskyhacks.dev/2020/04/24/elsptp/. I enjoyed his other blog posts and ended up following him on Twitter https://twitter.com/HuskyHacksMK which is how I became aware…

Everybody Wants To Do Security, But Nobody Wants To Do The Basics
I’ve struggled with weight all my life. For me it’s this back and forth: lose some weight here, gain a lot there, etc. It wasn’t until I was about 26 that I started to see signs that my weight might be affecting my body and got a little scared. I got on the scale…

24/7 SOC Zzzzzz…
One of my biggest frustrations is the idea of 24/7 SOC, meaning you have employees working around the clock. This frustration goes back to SOC analysts being treated as an entry-level position instead of one of the most important security positions in the company. I believe 24/7 SOC can be a thing and can…

Will AI Kill The Security Industry?
Twitter user STOK (@stokfredrik) had this great question: will AI kill the security industry? In the poll, 78.9% of 4,041 votes said no, it won’t. I will have to agree with the majority, but it’s not that the technology isn’t there yet. I feel that there’s one important factor that stands in the way of…

My 6 SOC Analyst Questions
When it comes to interviewing a job candidate I typically have a set of questions prepared for them. With my 6 questions I try to leave them open-ended, even the more technical ones. Interviewing is a dance where the candidate should be leading. However, this is not the norm and this leaves the interviewer more…

Expectation For Entry-Level SOC Analyst
This was a tweet that really provoked a lot of feeling for me. It’s another great question. Do you expect an entry-level SOC analyst to know what Kerberoasting is? I wish this question got more discussion on Twitter because it’s something I’m very passionate about. Now, I believe the definition for an entry-level SOC…