🚀Everything you need to know to become a SOC Analyst👇
FOR FREE!
I studied every expensive SOC Analyst training program I could find to make this👇
🕵️The Ultimate FREE Career Path: SOC Analyst Edition
This is easily a $1,000+ SOC Analyst training program for FREE!
This learning path uses completely free learning resources to teach you everything you need to know to break into a SOC (Security Operations Center) role.
I truly believe that if you apply yourself to this curriculum, you will land a job as a SOC Analyst.
This was a lot of work, so please do me a favor and repost this so we can get this free guide to as many people as possible!
Make sure to read #8!
Let’s begin👇
1. The Foundations of Cybersecurity🔐
These are non-negotiable concepts you MUST know:
1.1 Basics of Computing
Understand computer hardware, software, and troubleshooting,
👉https://t.co/UpZKgYRTnT
1.2 Networking
Get hands on experience while learning networking,
👉https://t.co/j4hqB29yJz
1.3 Linux
Many security tools and IT infrastructures use Linux. It is a critical skill in cyber security,
👉https://t.co/pzcixWVm3B
1.4 Windows
Learn the most used corporate Operating System in the world and how to defend it,
👉https://t.co/nN1RxpjHrq
1.5 PowerShell and Bash Scripting
Scripting is an important skill to develop for IT and Cybersecurity. Don't skip it!
PowerShell
👉https://t.co/1yxBx360Ls
Bash Scripting
👉https://t.co/00Bz7umCv0
1.6 Intro to Cybersecurity
The main concepts of Cybersecurity including tools and frameworks,
👉https://t.co/zBaT4zLnV0
2. Attacker Methodology😈
To defend against attackers, you must first understand them.
2.1 MITRE ATT&CK Framework
Learn how to use the MITRE ATT&CK Framework to defend against the most common tactics and techniques of criminal hackers,
👉https://t.co/NxtZ1Ss9qF
2.2 Cybersecurity Kill Chain™
Achieve visibility into adversary's attack objectives,
👉https://t.co/ukzxmMhUHg
3. Open Source Intelligence (OSINT)🔎
Know how to look for relevant Cybersecurity information,
👉https://t.co/7pdP8MfgNL
4. Network Traffic Analysis🌐
4.1 Wireshark / TCPdump
Learn how to practically use Wireshark and TCPdump to analyze network traffic,
👉https://t.co/w4Qf14r749
4.2 Zeek
Learn how to effectively use Zeek, an Open Source Network Security Monitoring Tool,
👉https://t.co/jK8vUd1xm1
4.3 Snort,
Learn how to effectively us Snort, an Open Source Intrusion Detection System (IDS),
👉https://t.co/nY5DqPDDfh
5. Endpoint Security and Cyber Attacks🔐
5.1 Sysmon
System Monitor (Sysmon) is a Windows system service that is used widely in Cybersecurity
👉https://t.co/QY8u7v7T6u
5.2 Osquery
One of the most widely used endpoint visibility frameworks,
👉https://t.co/owYLGV38t8
5.3 Windows Privilege Escalation
Not technically endpoint security but I think it's important to understand how privilege escalation works in order to defend against it,
Windows👉https://t.co/yJunUJHfCu
Linux👉https://t.co/h7UdJovz4h
5.4 Hacking Active Directory
Active Directory and the common attacks against it are critical to know for any Cybersecurity professional. I am putting this here because you should have most of prerequisite knowledge to make use of this class,
👉https://t.co/6O8xZabxTg
6. SIEM - Security Information and Event Management📊
6.1 Intro to SIEMs
SIEMs are one of the most used tools for SOC Analysts,
👉https://t.co/LvV9ztXmhY
6.2 Wazuh
Wazuh is an Open Source XDR/SIEM tool that is widely used,
👉https://t.co/1ohTlMuxtm
6.3 ELK - Elasticsearch, Logstash, Kibana
ELK is another Open Source SIEM tool that is widely used,
👉https://t.co/ix4tgDtwfB
6.4 Splunk
Splunk is the gold standard SIEM tool and more,
👉https://t.co/gjLj4TZbuQ
7. SOC Fundamentals / Incident Response🥷
This is a course that will reinforce all of the learning you have done up to this point. Consider this a review that will also close any gaps you have from the previous classes.
It will cover aspects of incident response and how SOCs work day to day,
👉https://t.co/V3vZL8JeZS
8. Pro Tips, Certifications, and Wrap Up✅
8.1 Project Portfolio
As you are working through these classes, I believe it is CRUCIAL to document your learning and hands on activities in a project portfolio.
Recruiters and hiring managers LOVE project portfolios!
I have a free guide on how to do that here,
👉https://t.co/KCtMCOe4BU
8.2 Take Your Time, Try Harder
If you want a career in a SOC, then you need to take your time with these classes.
Do not rush.
Take notes, review those notes, document everything in your portfolio.
If you get stuck on a subject or a technical issue, you MUST get yourself out of it if possible.
Google and ChatGPT are going to be essential.
8.3 Home Lab
Cybersecurity is hands on.
I highly recommend you set up a home lab. Many of the classes above are hands on.
If they are not hands on then I HIGHLY recommend you download anything you need for that class to follow along and make it hands on.
Here is a guide for making a home lab,
👉https://t.co/PioepyiqEY
8.4 Certifications*
I do not believe you need any certifications to become a SOC Analyst if you have a strong portfolio and resume. Which you will if you follow this guide as written!
That said, you can probably pass any SOC Analyst cert below with minimal additional studying after doing this guide:
GIAC Security Operations Certified (GSOC)
HTB Certified Defensive Security Analyst (HTB CDSA)
EC-Council Certified SOC Analyst (CSA)
SBT Blue Team Level 1
OffSec Defense Analyst (OSDA)
*These certs are obviously not free. Some of them are really expensive. A good portfolio will silence any doubters.
8.5 Wrap up
This guide was a lot of work and I genuinely hope you found it useful.
If you did, please leave a like, comment, and repost it so that we can get this FREE learning guide to as many people as possible!
I also have a free, weekly newsletter where I send out free learning resources, career advice, interview prep and more!
You can sign up here:
👉https://t.co/KyH7V1eSCS
Peace✌️,
WP
🚀The Secret to Quickly Boosting Your Cybersecurity CV / Resume for FREE 👇
Make a PORTFOLIO!
Now I’m going to show you how👇
Recruiters and hiring managers love seeing Cybersecurity portfolios!
Why?
• It shows you put extra effort into your career
• It proves you have the technical capabilities needed for the job
• It shows you can communicate technical solutions and details
Let’s start!
1.Make a Medium account
This guide is going to use Medium because:
•It’s free
•It looks professional
•It has a large platform of readers and creators
•You don’t have to worry about hosting a website yourself!
Make an account here: https://t.co/adZjEuRjul
Set up your account with a professional profile picture and a brief description of yourself (SOC Analyst, Penetration Tester, GRC Professional, etc)
Follow some people in your space (bug bounties, pen testers, etc)
I highly recommend following @iamthecyberchef.
His write ups are excellent!
2.Start writing!
What do you write about?
Everything you are learning and doing in Cybersecurity!
Learning networking and just finished setting up a home lab in Packet Tracer?
Write up how you did it!
Learning Linux and just found out how to assign permission to users with a script?
Write up how you did it!
Doing TryHackMe or Hack the Box or CTFs?
Write up how you did it!
This showcases your knowledge AND helps reinforce what you are learning!
Here are some great examples of what a write up looks like in various fields:
Bug bounty write up:
https://t.co/7lbpicXjLD
GRC type write up:
https://t.co/VYMtwN4klq
TryHackMe / Hack the Box write up:
https://t.co/1obOX7FttX
Linux write up:
https://t.co/dnRRvah5ta
Networking write up:
https://t.co/lw6BWsQug6
3.Put it on your resume
Make a block on your resume called Cybersecurity Projects or Project Portfolio and put the link to your new Medium portfolio there
Make sure it is in a prominent location
You could even add in some of the titles of your Medium articles directly to your resume portfolio section with a link to the article
This is UNDERRATED in making your resume stand out to potential employers!
Pro tips:
•Make sure to have a few writeups in your portfolio. If a recruiter looks at your portfolio and you only have 1 post, it does not look good.
•Make sure you put some effort into your posts. As you are writing, keep in mind that a future employer could be reading it. Make sure to be professional and use proper grammar!
That’s it!
If you have project ideas or any questions then drop a comment!
Peace,
WP✌️
🚀Everything you need to know to become a SOC Analyst👇
FOR FREE!
I studied every expensive SOC Analyst training program I could find to make this👇
🕵️The Ultimate FREE Career Path: SOC Analyst Edition
This is easily a $1,000+ SOC Analyst training program for FREE!
This learning path uses completely free learning resources to teach you everything you need to know to break into a SOC (Security Operations Center) role.
I truly believe that if you apply yourself to this curriculum, you will land a job as a SOC Analyst.
This was a lot of work, so please do me a favor and repost this so we can get this free guide to as many people as possible!
Make sure to read #8!
Let’s begin👇
1. The Foundations of Cybersecurity🔐
These are non-negotiable concepts you MUST know:
1.1 Basics of Computing
Understand computer hardware, software, and troubleshooting,
👉https://t.co/UpZKgYRTnT
1.2 Networking
Get hands on experience while learning networking,
👉https://t.co/j4hqB29yJz
1.3 Linux
Many security tools and IT infrastructures use Linux. It is a critical skill in cyber security,
👉https://t.co/pzcixWVm3B
1.4 Windows
Learn the most used corporate Operating System in the world and how to defend it,
👉https://t.co/nN1RxpjHrq
1.5 PowerShell and Bash Scripting
Scripting is an important skill to develop for IT and Cybersecurity. Don't skip it!
PowerShell
👉https://t.co/1yxBx360Ls
Bash Scripting
👉https://t.co/00Bz7umCv0
1.6 Intro to Cybersecurity
The main concepts of Cybersecurity including tools and frameworks,
👉https://t.co/zBaT4zLnV0
2. Attacker Methodology😈
To defend against attackers, you must first understand them.
2.1 MITRE ATT&CK Framework
Learn how to use the MITRE ATT&CK Framework to defend against the most common tactics and techniques of criminal hackers,
👉https://t.co/NxtZ1Ss9qF
2.2 Cybersecurity Kill Chain™
Achieve visibility into adversary's attack objectives,
👉https://t.co/ukzxmMhUHg
3. Open Source Intelligence (OSINT)🔎
Know how to look for relevant Cybersecurity information,
👉https://t.co/7pdP8MfgNL
4. Network Traffic Analysis🌐
4.1 Wireshark / TCPdump
Learn how to practically use Wireshark and TCPdump to analyze network traffic,
👉https://t.co/w4Qf14r749
4.2 Zeek
Learn how to effectively use Zeek, an Open Source Network Security Monitoring Tool,
👉https://t.co/jK8vUd1xm1
4.3 Snort,
Learn how to effectively us Snort, an Open Source Intrusion Detection System (IDS),
👉https://t.co/nY5DqPDDfh
5. Endpoint Security and Cyber Attacks🔐
5.1 Sysmon
System Monitor (Sysmon) is a Windows system service that is used widely in Cybersecurity
👉https://t.co/QY8u7v7T6u
5.2 Osquery
One of the most widely used endpoint visibility frameworks,
👉https://t.co/owYLGV38t8
5.3 Windows Privilege Escalation
Not technically endpoint security but I think it's important to understand how privilege escalation works in order to defend against it,
Windows👉https://t.co/yJunUJHfCu
Linux👉https://t.co/h7UdJovz4h
5.4 Hacking Active Directory
Active Directory and the common attacks against it are critical to know for any Cybersecurity professional. I am putting this here because you should have most of prerequisite knowledge to make use of this class,
👉https://t.co/6O8xZabxTg
6. SIEM - Security Information and Event Management📊
6.1 Intro to SIEMs
SIEMs are one of the most used tools for SOC Analysts,
👉https://t.co/LvV9ztXmhY
6.2 Wazuh
Wazuh is an Open Source XDR/SIEM tool that is widely used,
👉https://t.co/1ohTlMuxtm
6.3 ELK - Elasticsearch, Logstash, Kibana
ELK is another Open Source SIEM tool that is widely used,
👉https://t.co/ix4tgDtwfB
6.4 Splunk
Splunk is the gold standard SIEM tool and more,
👉https://t.co/gjLj4TZbuQ
7. SOC Fundamentals / Incident Response🥷
This is a course that will reinforce all of the learning you have done up to this point. Consider this a review that will also close any gaps you have from the previous classes.
It will cover aspects of incident response and how SOCs work day to day,
👉https://t.co/V3vZL8JeZS
8. Pro Tips, Certifications, and Wrap Up✅
8.1 Project Portfolio
As you are working through these classes, I believe it is CRUCIAL to document your learning and hands on activities in a project portfolio.
Recruiters and hiring managers LOVE project portfolios!
I have a free guide on how to do that here,
👉https://t.co/KCtMCOe4BU
8.2 Take Your Time, Try Harder
If you want a career in a SOC, then you need to take your time with these classes.
Do not rush.
Take notes, review those notes, document everything in your portfolio.
If you get stuck on a subject or a technical issue, you MUST get yourself out of it if possible.
Google and ChatGPT are going to be essential.
8.3 Home Lab
Cybersecurity is hands on.
I highly recommend you set up a home lab. Many of the classes above are hands on.
If they are not hands on then I HIGHLY recommend you download anything you need for that class to follow along and make it hands on.
Here is a guide for making a home lab,
👉https://t.co/PioepyiqEY
8.4 Certifications*
I do not believe you need any certifications to become a SOC Analyst if you have a strong portfolio and resume. Which you will if you follow this guide as written!
That said, you can probably pass any SOC Analyst cert below with minimal additional studying after doing this guide:
GIAC Security Operations Certified (GSOC)
HTB Certified Defensive Security Analyst (HTB CDSA)
EC-Council Certified SOC Analyst (CSA)
SBT Blue Team Level 1
OffSec Defense Analyst (OSDA)
*These certs are obviously not free. Some of them are really expensive. A good portfolio will silence any doubters.
8.5 Wrap up
This guide was a lot of work and I genuinely hope you found it useful.
If you did, please leave a like, comment, and repost it so that we can get this FREE learning guide to as many people as possible!
I also have a free, weekly newsletter where I send out free learning resources, career advice, interview prep and more!
You can sign up here:
👉https://t.co/KyH7V1eSCS
Peace✌️,
WP
🚀The Secret to Quickly Boosting Your Cybersecurity CV / Resume for FREE 👇
Make a PORTFOLIO!
Now I’m going to show you how👇
Recruiters and hiring managers love seeing Cybersecurity portfolios!
Why?
• It shows you put extra effort into your career
• It proves you have the technical capabilities needed for the job
• It shows you can communicate technical solutions and details
Let’s start!
1.Make a Medium account
This guide is going to use Medium because:
•It’s free
•It looks professional
•It has a large platform of readers and creators
•You don’t have to worry about hosting a website yourself!
Make an account here: https://t.co/adZjEuRjul
Set up your account with a professional profile picture and a brief description of yourself (SOC Analyst, Penetration Tester, GRC Professional, etc)
Follow some people in your space (bug bounties, pen testers, etc)
I highly recommend following @iamthecyberchef.
His write ups are excellent!
2.Start writing!
What do you write about?
Everything you are learning and doing in Cybersecurity!
Learning networking and just finished setting up a home lab in Packet Tracer?
Write up how you did it!
Learning Linux and just found out how to assign permission to users with a script?
Write up how you did it!
Doing TryHackMe or Hack the Box or CTFs?
Write up how you did it!
This showcases your knowledge AND helps reinforce what you are learning!
Here are some great examples of what a write up looks like in various fields:
Bug bounty write up:
https://t.co/7lbpicXjLD
GRC type write up:
https://t.co/VYMtwN4klq
TryHackMe / Hack the Box write up:
https://t.co/1obOX7FttX
Linux write up:
https://t.co/dnRRvah5ta
Networking write up:
https://t.co/lw6BWsQug6
3.Put it on your resume
Make a block on your resume called Cybersecurity Projects or Project Portfolio and put the link to your new Medium portfolio there
Make sure it is in a prominent location
You could even add in some of the titles of your Medium articles directly to your resume portfolio section with a link to the article
This is UNDERRATED in making your resume stand out to potential employers!
Pro tips:
•Make sure to have a few writeups in your portfolio. If a recruiter looks at your portfolio and you only have 1 post, it does not look good.
•Make sure you put some effort into your posts. As you are writing, keep in mind that a future employer could be reading it. Make sure to be professional and use proper grammar!
That’s it!
If you have project ideas or any questions then drop a comment!
Peace,
WP✌️
Eternal Father:
Protect innocent Israelis, Iranians, and all in between.
Holy Spirit:
Illuminate the minds, and give wisdom to world leaders.
Lord Jesus Christ, King of all nations, Jew and Gentile:
Draw near the hearts of those far from you and your Catholic Church.
Amen.
War with Iran is not in America’s interest. It would destabilize the region, cost countless lives, and drain our resources for generations.
We should pursue diplomacy, not destruction. Engaging in dialogue with adversaries is not weakness; it’s the strength of a confident nation seeking peace. Our primary responsibility is to protect American lives.
https://t.co/GiHWGrHKF5
Peace be with you all! This is the first greeting spoken by the Risen Christ, the Good Shepherd. I would like this greeting of peace to resound in your hearts, in your families, and among all people, wherever they may be, in every nation and throughout the world.
Habemus Papam! We have a Pope!
The Cardinals gathered in the Vatican’s Sistine Chapel have elected Cardinal Robert Francis Prevost as the 267th Pope, who took the name Pope Leo XIV.
The day has FINALLY arrived! We’re beyond excited to officially launch the TCM Security Academy FREE content tier! 🥳 Our free tier covers over 25 hours of content and does not require a credit card - simply use your email to sign up and begin learning.
At TCM Security, we believe that everyone should have access to high-quality training, no matter their financial situation.
Price should never stand in the way of bettering yourself as an IT or security professional, and that’s why we’ve created these free resources for the community we care about so much. ❤️
Ready to take the next step? Get started for free today.
Find Practical Help Desk, Programming 100: Fundamentals, Linux 100: Fundamentals, and Soft Skills for the Job Market in our Academy ⬇️
https://t.co/pa5St1mjX1
Beware of warmongers and the military-industrial complex. A full-on regional war will lead to immeasurable suffering for everyone. It must be avoided at all costs.