The Certified SOC Analyst program is designed to bring people, process and technology together and provide a comprehensive skill set to manage a robust security operation centre with enhanced incident detection and response capabilities.
The program takes a holistic approach in training an individual right from the understanding of various attack methodologies, to collaborating with the IRTs in case of an incident.
Learning Objectives of CSA:

• Gain Knowledge Of SOC Processes, Procedures, Technologies, And Workflows.
• Gain A Basic Understanding And In-Depth Knowledge Of Security Threats, Attacks, Vulnerabilities, Attacker's Behaviors, Cyber Killchain, Etc.
• Able To Recognize Attacker Tools, Tactics, And Procedures To Identify Indicators Of Compromise (IOCs) That Can Be Utilized During Active And Future Investigations.
• Able To Monitor And Analyze Logs And Alerts From A Variety Of Different Technologies Across Multiple Platforms (IDS/IPS, End-Point Protection, Servers, And Workstations).
• Gain Knowledge Of The Centralized Log Management (CLM) Process.
• Able To Perform Security Events And Log Collection, Monitoring, And Analysis.
• Gain Experience And Extensive Knowledge Of Security Information And Event Management.
• Gain Knowledge Of Administering SIEM Solutions (Splunk/AlienVault/OSSIM/ELK).
• Gain Hands-On Experience In SIEM Use Case Development Process.
• Able To Develop Threat Cases (Correlation Rules), Create Reports, Etc.
• Learn Use Cases That Are Widely Used Across The SIEM Deployment.
• Plan, Organize, And Perform Threat Monitoring And Analysis In The Enterprise.
• Able To Monitor Emerging Threat Patterns And Perform Security Threat Analysis.
• Gain Hands-On Experience In The Alert Triaging Process.
• Able To Escalate Incidents To Appropriate Teams For Additional Assistance.
• Able To Use A Service Desk Ticketing System.
• Able To Prepare Briefings And Reports Of Analysis Methodology And Results.
• Gain Knowledge Of Integrating Threat Intelligence Into SIEM For Enhanced Incident Detection And Response.
• Able To Make Use Of Varied, Disparate, Constantly Changing Threat Information.
• Gain Knowledge Of Incident Response Process.
• Gain Understating Of SOC And IRT Collaboration For Better Incident Response.