Certified SOC Analyst (CSA)

- Training
- Course Outline
- Careers
- Exam
Training is available online or live with an instructor, giving learners the flexibility to choose the format that fits their schedule and learning style.
Training Hours: 40 hours (Instructor-led)
Skills Gained With CSA
Threat analysis and incident detection
Vulnerability assessment and risk management
Security monitoring and event correlation
Security policy development and compliance
Defensive strategies and mitigation techniques
Module 01: Security Operations and Management
Provides an introduction to SOC operations, including the roles and responsibilities of analysts, SOC architecture, workflow processes, and how security teams collaborate to monitor and defend enterprise systems.
Module 02: Understanding Cyber Threats, IoCs, and Attack Methodology
Explains the landscape of modern cyber threats, attack methodologies, tactics, techniques, and procedures (TTPs), and how to identify Indicators of Compromise (IoCs) to recognise suspicious activity early.
Module 03: Incidents, Events, and Logging
Covers the types of security events and incidents, the importance of event logging, log sources (servers, endpoints, firewalls, IDS/IPS), log formats, and best practices for maintaining accurate and actionable logs.
Module 04: Incident Detection with Security Information and Event Management (SIEM)
Introduces SIEM platforms and their role in detecting and correlating security events. Learners explore alert generation, log aggregation, anomaly detection, and creating actionable insights from large datasets.
Module 05: Enhanced Incident Detection with Threat Intelligence
Teaches integration of threat intelligence feeds into SOC operations. Learners are shown how to prioritise alerts, analyse emerging threats, and use contextual intelligence to reduce false positives and improve detection accuracy.
Module 06: Incident Response
Details the full incident response lifecycle: detection, triage, containment, investigation, eradication, recovery, and reporting. Learners gain skills to respond efficiently while preserving forensic evidence for analysis.
Module 07: SOC Analysis Labs and Practical Scenarios
Provides hands-on exercises simulating real SOC activities, including monitoring alerts, log analysis, threat hunting, identifying compromised systems, and generating detailed incident reports for management and stakeholders.
Monitor and analyze security incidents, perform vulnerability assessments, and ensure organizational protection.
SOC Analyst (Tier 1 / Tier 2)
Detect, investigate, and respond to security alerts within a Security Operations Center.
Information Security Analyst
Develop security policies, conduct risk assessments, and oversee compliance initiatives.
Incident Response Specialist
Manage and respond to security breaches and cyber threats.
Network Security Analyst
Secure network infrastructure, monitor traffic, and implement defensive controls.
IT Security Consultant
Provide expert guidance on securing systems and applications.
Multiple choice
Questions: 150
Duration: 4 hours
Delivery: Online via the ECC exam portal
Passing score: 70% or higher