Roadmap: https://tryhackme.com/r/path/outline/soclevel1
- Detect and analyze traffic anomalies
- Monitor endpoints for threats
- Utilize SIEM tools to handle incidents
- Investigate forensic artifacts
My Experience:
This certificate highlights my 87 hours of hands-on experience across a wide range of programs, focusing on real-world blue team triaging scenarios. I applied the MITRE ATT&CK Framework, utilized the Cisco Talos Intelligence platform, VirusTotal platform, and many MANY other OSINT tools to support my investigations.
Among the many tools and challenges covered, some of my favorites included stopping an active brute-force attack with Snort, using Wireshark to investigate network abnormalities, incident handling with Splunk/SIEMs, and investigating suspicious phishing email source code with Thunderbird and Volatility3. Although these scenarios were challenging, these experiences finally satisfied my itching curiosity about how to effectively discover and mitigate these types of cyber threats.
Certification (THM-7H0UXOHBQ3):