
Introduction to EDR

Room link: by: tryhackme, Aashir.Masood. “Endpoint Detection and Response (EDR) is a security solution designed to monitor, detect, and respond to advanced threats at the endpoint level. As a SOC analyst, it is essential for you to understand how the EDR works since…

SOC Metrics and Objectives

Room link: by: tryhackme, TactfulTurtle. “As with any other department, the efficiency of the SOC team can be measured using different indicators and metrics. This room explores the most common evaluation approaches like MTTD and MTTR and describes both methods to improve the metrics and potential…

SOC Workbooks and Lookups

by: tryhackme, TactfulTurtle. “Alert triage is a complex process that often requires analysts to gather additional information about affected employees or servers. This room explores SOC workbooks designed to streamline alert triage and explains various lookup methods to quickly retrieve user and…

SOC L1 Alert Reporting

Room: by: Tryhackme, TactfulTurtle. “During or after alert triage, L1 analysts may be uncertain about how to classify the alert, requiring senior support or information from the system owner. Also, L1 may deal with real cyberattacks and breaches that need…

SOC L1 Alert Triage

Room link: created by: tryhackme, TactfulTurtle. Introduction: “An alert is a core concept for any SOC team, and knowing how to handle it properly ultimately decides whether a security breach is detected and prevented, or missed and devastating. This is an entry-level…

Systems as Attack Vectors

created by: Tryhackme, TactfulTurtle. Introduction: “Continue exploring the SOC role in protecting the digital world, now focusing on systems as attack vectors. In this room, you will learn what the systems are, why and how threat groups target them, and…

Humans as Attack Vectors

Room link: by: tryhackme, TactfulTurtle. Objective: “Understand why and how people are targeted in cyber attacks and how the SOC helps defend them.” In this room, THM goes over the weakest link in any company: humans! In task 3, the…

SOC Role in Blue Team

by tryhackme, tactful turtle. It appears that THM has decided to update the SOC Level 1 path after I began this journey. This includes additional rooms in the first section of the course, as well as the rearrangement of…

Summit

Time for a challenge! We will be applying the knowledge and skills we have acquired from previous rooms, primarily from The Pyramid of Pain and MITRE rooms. Objective: “After participating in one too many incident response activities, PicoSecure has decided…

MITRE

by: tryhackme, Dex01, krotovolb. It looks like the rooms are starting to bring some challenge. The MITRE room goes into a Medium difficulty! Per THM, “MITRE researches in many areas, outside of cybersecurity, for the ‘safety, stability, and well-being of…