Jeff Domedion

Category: SOC analyst

Blue Team Level 2 (BTL2) – Review

Posted on March 21, 2022 (updated May 1, 2022)

3/21/22 This review will be an ongoing, living review. As I write this review, the platform has jumped to a new interface. Two labs are still “coming soon,” and the estimated date for the exam to be available is at the end of March. I’m doing a “living” review because Blue Team Level 2 has…

A Puzzle Challenges The Player To Get From A Problem To A Solution

Posted on February 26, 2022

When working with alerts, I notice that analysts sometimes have the immediate reaction to reach out to somebody else to have them answer it. I’ll hear, “Well, I’ll ask this person about that system” or “This person would be a good resource to ask about that traffic.” There’s a time and place for such questions,…

Practical Malware Analysis & Triage – Review

Posted on November 24, 2021 (updated February 26, 2022)

I wanted to do a quick review on this course to give some initial thoughts. I want to say I’m only familiar with Matt Kiely aka HuskyHacks due to his blog for the eCPPT (https://huskyhacks.dev/2020/04/24/elsptp/). I enjoyed his other blog posts and ended up following him on Twitter (https://twitter.com/HuskyHacksMK), which is how I became aware…

Everybody Wants To Do Security, But Nobody Wants To Do The Basics

Posted on October 13, 2021 (updated February 26, 2022)

I’ve struggled with weight all my life. For me it’s this back and forth: lose some weight here, gain a lot there, etc etc. It wasn’t until I was about 26 that I started to see signs that my weight might be affecting my body and got a little scared. I got on the scale…

24/7 SOC Zzzzzz…

Posted on April 10, 2021 (updated June 14, 2021)

One of my biggest frustrations is the idea of 24/7 SOC, meaning you have employees working around the clock. This frustration goes back to SOC analysts being treated as an entry level position instead of one of the most important security positions in the company. I believe 24/7 SOC can be a thing and can…

Will AI Kill The Security Industry?

Posted on February 27, 2021 (updated September 27, 2021)

Twitter user STOK (@stokfredrik) had this great question: will AI kill the security industry? In the poll, 78.9% of 4,041 votes said no it won’t. I will have to agree with the majority, but it’s not that the technology isn’t there yet. I feel that there’s one important factor that stands in the way of…

My 6 SOC Analyst Questions

Posted on January 28, 2021 (updated January 29, 2021)

When it comes to interviewing a job candidate I typically have a set of questions prepared for them. With my 6 questions I try to leave them open-ended, even the more technical ones. Interviewing is a dance where the candidate should be leading. However, this is not the norm and this leaves the interviewer more…

Expectation For Entry-Level SOC Analyst

Posted on September 19, 2020 (updated September 27, 2021)

This was a tweet that really provoked a lot of feeling for me. It’s another great question. Do you expect an entry-level SOC analyst to know what Kerberoasting is? I wish this question got more discussion on Twitter because it’s something I’m very passionate about. Now, I believe the definition for an entry-level SOC…
