SOC Essentials: Investigating and Threat Hunting is a practical course for security analysts who want to improve their investigation skills and introduce threat hunting into their daily operations. Students work through real-world attack scenarios to develop structured investigation techniques, apply threat hunting frameworks, and use SIEM and EDR tooling to proactively search for adversary activity within an environment.
What You Will Learn
- Apply structured investigation methodologies to security alerts and incidents
- Use SIEM query techniques to pivot across logs and trace attacker activity end-to-end
- Develop threat hunting hypotheses based on threat intelligence and the MITRE ATT&CK framework
- Hunt for malicious activity using behavioural indicators and anomaly detection in EDR and SIEM data
- Document investigation findings and produce actionable incident reports
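As a concrete illustration of the hypothesis-driven hunting and log pivoting listed above, here is a small added example (not course material or a vendor query): a behavioural hunt over constructed EDR-style process-creation events for an Office application spawning a script or command interpreter, with the matches enriched and then pivoted on host and user to assemble the surrounding timeline. The event schema, hostnames, users and command lines are all invented for the example.

```python
"""
Hypothesis-driven hunt over constructed EDR-style process-creation events.

Hypothesis (ATT&CK T1059.001 / T1059.003): an Office application spawning a
script or command interpreter is rare on user workstations, and an encoded
PowerShell command line makes it rarer still. Matches are then pivoted on
host and user to pull the surrounding events an analyst needs to trace the
activity end to end.
"""
from datetime import datetime, timedelta

# Constructed sample telemetry, not from any real environment.
EVENTS = [
    {"ts": "2024-03-01T09:12:01Z", "host": "WS-042", "user": "j.doe",
     "parent": "explorer.exe", "image": "WINWORD.EXE",
     "cmdline": "WINWORD.EXE /n Invoice_0301.docm"},
    {"ts": "2024-03-01T09:12:44Z", "host": "WS-042", "user": "j.doe",
     "parent": "WINWORD.EXE", "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoA"},
    {"ts": "2024-03-01T09:12:46Z", "host": "WS-042", "user": "j.doe",
     "parent": "powershell.exe", "image": "rundll32.exe",
     "cmdline": "rundll32.exe C:\\Users\\Public\\up.dll,Run"},
    {"ts": "2024-03-01T09:40:10Z", "host": "WS-042", "user": "b.lee",
     "parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -File C:\\Scripts\\cleanup.ps1"},
    {"ts": "2024-03-01T10:05:00Z", "host": "WS-017", "user": "a.smith",
     "parent": "EXCEL.EXE", "image": "cmd.exe",
     "cmdline": "cmd.exe /c copy report.csv \\\\fileshare\\reports\\"},
    {"ts": "2024-03-01T11:30:00Z", "host": "SRV-01", "user": "svc_backup",
     "parent": "cmd.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwAA=="},
]

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
INTERPRETERS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                "cscript.exe", "mshta.exe"}


def parse_ts(value):
    """ISO-8601 with a trailing Z; older Pythons need the offset spelled out."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def encoded_powershell(cmdline):
    """True when an -EncodedCommand style flag (-e, -ec, -enc, ...) is present.

    PowerShell accepts any unambiguous prefix of -EncodedCommand; this check is
    a simplification and will miss flags hidden by quoting or casing tricks.
    """
    for token in cmdline.lower().split():
        if token in ("-e", "-ec"):
            return True
        if len(token) >= 4 and "-encodedcommand".startswith(token):
            return True
    return False


def matches_hypothesis(event):
    """The behavioural indicator: an Office parent spawning an interpreter."""
    return (event["parent"].lower() in OFFICE_APPS
            and event["image"].lower() in INTERPRETERS)


def hunt(events):
    """Return matches enriched with the extra indicators the analyst triages on."""
    findings = []
    for ev in events:
        if matches_hypothesis(ev):
            findings.append({
                **ev,
                "encoded": encoded_powershell(ev["cmdline"]),
                "technique": ("T1059.001" if "powershell" in ev["image"].lower()
                              else "T1059.003"),
            })
    # Encoded command lines first: the strongest signal gets triaged first.
    findings.sort(key=lambda f: (not f["encoded"], f["ts"]))
    return findings


def pivot(events, finding, window=timedelta(minutes=10)):
    """Every event for the same host and user within the window around a finding.

    Pivoting on host AND user keeps b.lee's unrelated PowerShell on WS-042 out
    of j.doe's timeline; pivoting on host alone would pull it in.
    """
    centre = parse_ts(finding["ts"])
    return sorted(
        (ev for ev in events
         if ev["host"] == finding["host"] and ev["user"] == finding["user"]
         and abs(parse_ts(ev["ts"]) - centre) <= window),
        key=lambda ev: ev["ts"],
    )


if __name__ == "__main__":
    for f in hunt(EVENTS):
        print(f"[{f['technique']}] {f['host']} {f['user']} "
              f"{f['parent']} -> {f['image']} encoded={f['encoded']}")
        for ev in pivot(EVENTS, f):
            print(f"    {ev['ts']} {ev['parent']} -> {ev['cmdline']}")
```

Note what the hypothesis deliberately does not catch: the encoded PowerShell launched from cmd.exe on SRV-01 is outside its scope and needs its own hypothesis (for example, encoded commands under service accounts). Scoping each hunt narrowly and recording what it excludes is what keeps findings explainable in the report.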
Who Should Attend
SOC analysts, junior security engineers, and threat hunters who want to build practical investigation and hunting skills in a hands-on environment.
Prerequisites
Basic familiarity with security concepts and some exposure to a SIEM or EDR platform. No specific vendor certification is required.