Certified Ekasi Security Operations Analyst

Certified Ekasi Security Operations Analyst
Cybersecurity Intermediate

Certified Ekasi Security Operations Analyst

Learn to monitor, detect, and respond to security incidents in a SOC environment. Covers SIEM, log analysis, incident triage, and threat hunting.

Course Description

Learn to monitor, detect, and respond to security incidents in a SOC environment. Covers SIEM, log analysis, incident triage, and threat hunting.

Learning Outcomes

Investigate security alerts, correlate log data, escalate incidents, create detection rules, document findings.

Target Audience

SOC analysts, incident responders, security analysts, IT security staff.

9 Modules
63 Lessons
20h 50m

Learn SOC structure, roles and responsibilities, shift schedules, and security operations workflows.
  • 1.1: What is a Security Operations Center (SOC)? (45 min)
  • 1.2: SOC Roles and Responsibilities (50 min)
  • 1.3: SOC Operating Models (45 min)
  • 1.4: SOC Tools and Technologies (50 min)
  • 1.5: SOC Processes and Workflows (45 min)
  • 1.6: SOC Metrics and Performance Management (45 min)
  • 1.7: Practical Workshop - SOC Simulation (60 min)

Learn to use Security Information and Event Management tools, search logs, create dashboards, and schedule reports.
  • 2.1: What is SIEM? Architecture and Core Components (50 min)
  • 2.2: Log Sources and Data Collection (50 min)
  • 2.3: SIEM Query Languages - SPL and KQL (55 min)
  • 2.4: Correlation Rules and Alerting (50 min)
  • 2.5: SIEM Dashboards and Reporting (45 min)
  • 2.6: SIEM Tuning and Optimization (45 min)
  • 2.7: Practical Workshop - SIEM Investigation Lab (60 min)

Learn to collect, normalize, and correlate logs from firewalls, servers, endpoints, and cloud services.
  • 3.1: Understanding Log Formats and Structure (45 min)
  • 3.2: Windows Event Log Analysis (50 min)
  • 3.3: Linux Log Analysis (50 min)
  • 3.4: Firewall and Network Log Analysis (50 min)
  • 3.5: Correlation Techniques and Use Cases (50 min)
  • 3.6: Advanced Log Analysis - Regex and Automation (50 min)
  • 3.7: Practical Workshop - Log Analysis Investigation (60 min)

Learn to prioritize security alerts, investigate indicators of compromise, and determine incident severity.
  • 4.1: Alert Triage Fundamentals (45 min)
  • 4.2: False Positive Identification and Handling (45 min)
  • 4.3: Alert Enrichment Techniques (45 min)
  • 4.4: Investigation Techniques for SOC Analysts (55 min)
  • 4.5: Common Attack Types and Their Indicators (50 min)
  • 4.6: Using MITRE ATT&CK for Alert Triage (45 min)
  • 4.7: Practical Workshop - Alert Triage Simulation (60 min)

Learn proactive threat hunting using hypothesis-driven searches, MITRE ATT&CK framework, and analytics.
  • 5.1: Introduction to Threat Hunting (45 min)
  • 5.2: Hypothesis-Driven Hunting (50 min)
  • 5.3: IOC-Based and TTP-Based Hunting (55 min)
  • 5.4: Hunting with MITRE ATT&CK Framework (50 min)
  • 5.5: Threat Hunting Data Sources and Tools (45 min)
  • 5.6: Operationalizing Threat Hunting (45 min)
  • 5.7: Practical Workshop - Threat Hunting Lab (60 min)

Learn to create and execute incident response playbooks for malware, phishing, ransomware, and data breaches.
  • 6.1: Incident Response Framework (NIST SP 800-61) (50 min)
  • 6.2: Incident Classification and Prioritization (45 min)
  • 6.3: Containment Strategies and Techniques (55 min)
  • 6.4: Eradication and Recovery Procedures (50 min)
  • 6.5: Evidence Collection and Chain of Custody (55 min)
  • 6.6: Communication and Reporting During Incidents (45 min)
  • 6.7: Practical Workshop - Incident Response Simulation (60 min)

Learn to consume threat intelligence feeds, enrich alerts with IOCs, and block malicious indicators.
  • 7.1: Introduction to Threat Intelligence (50 min)
  • 7.2: Threat Intelligence Feeds and Platforms (55 min)
  • 7.3: IOCs: Types, Sources, and Management (50 min)
  • 7.4: Enriching Alerts with Threat Intelligence (50 min)
  • 7.5: Intelligence-Driven Threat Hunting (55 min)
  • 7.6: Building a Threat Intelligence Program (50 min)
  • 7.7: Practical Workshop - Threat Intelligence Integration (60 min)

Learn research techniques for SOC analysts: investigating IOCs, studying TTPs, analyzing malware reports, and tracking threat actors.
  • 8.1: Introduction to Security Research (45 min)
  • 8.2: OSINT Techniques for SOC Analysts (55 min)
  • 8.3: Reading and Interpreting Threat Reports (45 min)
  • 8.4: Researching IOCs and TTPs (50 min)
  • 8.5: Evaluating Source Credibility (45 min)
  • 8.6: Documenting and Sharing Research Findings (45 min)
  • 8.7: Practical Workshop - Security Research Lab (60 min)

Develop critical thinking, reasoning, communication, and workplace conflict resolution skills for SOC roles.
  • 9.1: What is Integrated Thinking in Security Operations? (45 min)
  • 9.2: Risk-Based Alert Prioritization (50 min)
  • 9.3: Communicating Security Findings to Stakeholders (45 min)
  • 9.4: Balancing Security and Business Operations (50 min)
  • 9.5: Ethical Decision-Making in the SOC (45 min)
  • 9.6: Continuous Learning and Professional Development (50 min)
  • 9.7: Practical Workshop - Integrated Thinking Scenarios (60 min)

Certification Exam

Final certification exam for Security Operations Analyst. Tests knowledge of SOC operations, SIEM, log analysis, alert triage, threat hunting, incident response, and threat intelligence.

Passing Score: 70%
Time Limit: 120 minutes
Attempts Allowed: 3
Camera Required: No

To earn your certificate, you must complete all course materials and pass the final exam with a score of 70% or higher.

Enroll in this Course
Certificate included
22 hours content
Downloadable resources
Mobile access
Duration 22 hours
Skill Level Intermediate
Learning Method Self Study
Category Cybersecurity
Modules 9
Total Lessons 63
Last Updated May 2026
Enroll Now
Practical skills guarantee