Critical Knowledge:

SOC Analyst

CyberVista now offers a 100% online training program designed to develop Tier I analysts on the technical facets of the SOC in half the time, at a fraction of the cost, while minimizing security risk.


Build a Skilled SOC

Enterprise organizations around the world manage security operations centers (SOCs) to monitor network activity and mitigate threats to the organization. Yet organizations are struggling to onboard new analysts, who need an average of four months of on-the-job training from a more advanced SOC analyst to be ready to fill the role.

CyberVista now offers a 100% online training program designed to develop Tier I SOC Analysts in half the time at a fraction of the cost. Critical Knowledge: SOC Analyst Course is a comprehensive offering that builds on the Critical Knowledge training program. This course goes beyond fundamental concepts and dives into technical and task-oriented subject matter designed for Tier I SOC and entry-level cybersecurity analysts.

  • CyberVista’s SOC Analyst role-based training is the comprehensive course that builds on the baseline Critical Knowledge training program. This course builds on fundamental cybersecurity concepts and dives headlong into technical and task-oriented subject matter designed specifically for Tier I SOC and entry-level cybersecurity analysts.

  • Tier I SOC analysts, entry-level and junior cybersecurity analysts, and individuals interested in making the transition into a technical cybersecurity role are best suited for the SOC Analyst course. Enterprise organizations and federal agencies that house a dedicated SOC team or teams of cybersecurity analysts can benefit from the program given the extent of confidential information and private client intel.

  • Organizations participating in this offering will experience the following major benefits:

    • Efficiently improve knowledge, skills, and abilities related to day-to-day SOC responsibilities
    • Mitigate immediate weaknesses across critical cybersecurity knowledge and skill areas
    • Bolster a career pathway for long-term retention and employee satisfaction among all SOC team members


An intelligent solution.

Diagnostic Assessment

Easily administer a diagnostic assessment to determine each team member’s strengths and weaknesses.

Video Lessons

Engage with introductory videos, modular lessons, and lab walk-through videos.

Practical Labs

Work with both guided and problem-oriented labs to reinforce practical applications, utilizing Kali Linux and Security Onion virtual machines.

Final Assessment

Participants conclude training with a final assessment to determine improvement across knowledge and skills.

Practice Exam Preparation

Retain valuable knowledge with exam-quality practice questions and exams.

Course content

01. SOC Organization & Processes

Learners will understand the roles and responsibilities of both the SOC and the SOC analysts within an organization.

  • This unit covers the SOC as a whole along with the roles and responsibilities of SOC analysts (by tiers) and other related teams.

02. Threats & Vulnerability Analysis

Learners will be able to conduct vulnerability assessment and analysis, perform threat research, and establish known-good and known-bad network baselines.

  • This unit teaches how to conduct a vulnerability assessment, how to analyze the results of the assessment, and how to conduct further research based on findings (e.g., relevant threat actors, known signatures, etc.).

03. Device Log Analysis

Learners will understand the importance and mechanisms of device logs, be able to conduct log analysis, and create scripts to automate analysis.

  • This unit covers how to find the logs on a machine (both Windows and Linux), analyze the logs for any suspicious activity, create alert triggers for IDS technologies, and create basic scripts in bash/PowerShell and Python for automation strategies.

04. Comprehensive Org. Event Correlation

Learners will understand the purpose and application of SIEMs, conduct analysis of SIEM results, correlate multiple network events, and detect evidence of post-attack strategies.

  • This unit covers an introduction to SIEMs, exposure to a SIEM interface, and tools/techniques to analyze SIEM results.


05. PCAP Analysis

Learners will be able to capture live traffic and conduct analysis on captured packets for indicators of network attacks.

  • This unit covers how to create PCAP files and the different analysis techniques used to identify network attacks.

06. Incident Response

Learners will understand the Incident Response phases and determine indicators of compromise for given incidents.

  • This unit gives the students a taste of incident handling and provides further practice of PCAP/Log analysis.

“We had excellent help from the account management to the instructors — a great experience all around. Really great business and people.”

Director of SOC, Fortune 100 Retail Company