Learning path

Threat Detection and Incident Response Essentials

Skill level: Fundamentals
Duration: 9 hours 10 minutes
Updated: Jan 28, 2025

About this learning path

As cyber threats grow increasingly sophisticated, the need for skilled SOC Analysts has never been greater. This learning path follows Samantha, a SOC operator, as she embarks on a journey to acquire the skills and analytical mindset of a SOC analyst. Each module immerses learners in real-world SOC scenarios, blending theory with hands-on practice, to prepare them for today's dynamic cybersecurity landscape.

Prerequisites

  1. Basic Cybersecurity Knowledge: Familiarity with cybersecurity concepts, including an understanding of common cyber threats, basic networking principles, and common attack vectors.
  2. Experience in IT/SOC Operations: Experience with monitoring or working within a Security Operations Center (SOC) is helpful but not required.
  3. Interest in Security Tools: Comfort navigating security tools and logs, particularly in environments like Splunk, will be beneficial for hands-on labs.

What you'll learn

  1. Foundations of Threat Detection: Understand the role of threat detection within a SOC, the lifecycle of incident response, and key security terms and concepts.
  2. SIEM Fundamentals and Setup: Gain knowledge of SIEM architecture, learn to set up a basic SIEM instance, and understand how log management and event correlation help detect threats.
  3. Incident Response Planning and Execution: Learn the stages of an effective incident response, from preparation to post-incident review, and understand how to create and maintain an actionable Incident Response Plan.
  4. Hands-On Skills in Real-World Threat Detection: Engage in practical labs that simulate real-world scenarios, using tools like Splunk to collect, analyze, and respond to security incidents. Learn how to identify, isolate, and contain threats through simulated incidents.

  1. Introduction to Threat Detection and Incident Response
    1. Introduction to Threat Detection and Incident Response (Video)
    2. Fundamentals of Cyber Threats (Article)
  2. Building Blocks of Threat Detection
    1. Introduction to SIEM (Video)
    2. Understanding Log Management and Event Correlation (Article)
    3. Basic SIEM Setup and Log Collection using Splunk (Lab)
  3. Incident Response Basics
    1. The Incident Response Process (Video)
    2. Creating an Incident Response Plan (Article)
    3. Simulating an Incident Response with Splunk (Lab)
  4. Introduction to Threat Hunting & Detection Tools
    1. Introduction to Threat Hunting (Video)
    2. What is a Hunting Maturity Model? (Article)
    3. What is Endpoint Detection and Response (EDR)? (Article)
    4. What is eXtended Detection & Response (XDR)? (Video)
    5. Basic Threat Hunting Exercise with CrowdStrike (Lab)
  5. Basic Email/Phishing Detection
    1. Introduction to Email/Phishing Detection (Video)
    2. Basics of Email Security (Article)
  6. Networking Fundamentals for Threat Detection
    1. Networking Fundamentals for Threat Detection (Video)
    2. Networking for Incident Response (Article)
    3. Analyzing Network Traffic with Wireshark (Lab)
  7. Conclusion
    1. Threat Mastery Quiz (Quiz)
    2. Learning Path Complete (Achievement Badge)