SCAO · Operations

SalaCyber Cybersecurity Analyst and Operation (SCAO)

SCAO is the primary starting point for work in a cybersecurity Security Operations Center (SOC). It is designed for current and aspiring Tier I and Tier II cybersecurity analysts who want to become skilled in entry-level and intermediate-level Security Analyst roles.

3 months
Intermediate
28 lessons

Course Modules

9 modules · 28 lessons

1. Security Management (risk, policies, governance, compliance, incident lifecycle)
2. Security Operations Center – what is a SOC, purpose, 24/7 monitoring, team structure
3. Common SOC Roles – L1/L2/L3 Analyst, Threat Intelligence Analyst, SOC Manager
4. SOC Capabilities – log monitoring, alert triage, incident detection, threat hunting
5. SOC Operations – alert monitoring, ticketing, escalation, reporting
6. SOC Workflow – Alert → Triage → Investigation → Escalation → Containment → Recovery
7. SOC Components – SIEM, EDR, Firewall, IDS/IPS, threat intel feeds
8. SOC Models – in-house, MSSP, hybrid, follow-the-sun

What you'll learn

  • Understand SOC structure, roles, models, and alert lifecycle
  • Deploy Wazuh SIEM and agents for log ingestion
  • Perform log analysis, rule interpretation, and MITRE ATT&CK mapping
  • Execute SOC L1 alert triage and structured investigation
  • Apply FIM, threat hunting, and active response techniques
  • Create custom detection rules and tune for false positives
  • Write professional incident reports with root cause analysis

Prerequisites

  • SNCF or SISE
  • Linux fundamentals
  • Windows OS basics
  • Understanding of cybersecurity concepts
