SOC Analyst Track
Months 4–6 · Become the defender. Master SIEM platforms, threat hunting, and real-time incident response in live SOC environments.
SIEM & Log Management
Weeks 13–16
Splunk Core
Search, dashboards, alerts, SPL query language
Microsoft Sentinel
KQL, Analytic rules, Playbooks, Workbooks
Log Collection & Parsing
Syslog, WEF, Beats, Fluentd, index management
Alert Tuning & Correlation
Reducing noise, correlation rules, true/false positives
Threat Hunting & MITRE ATT&CK
Weeks 17–20
Threat Hunting Methodology
Hypothesis-driven hunting, IoC vs IoA, hunting loops
MITRE ATT&CK Framework
Tactics, techniques and procedures (TTPs): mapping and detection
Endpoint Detection (EDR)
CrowdStrike, Defender for Endpoint, process trees
Network Traffic Analysis
Zeek, Suricata, NSM, anomaly detection
Incident Response & Capstone
Weeks 21–24
Incident Response Lifecycle
PICERL framework, escalation, war-room management
Playbook Development
SOAR, automated response, runbook authoring
Threat Intelligence
OSINT, threat feeds, CTI integration into SIEM
Live-Fire SOC Capstone
48-hour SOC simulation: detect, triage, respond, report
Zharnyx SOC Analyst Certification
This track is engineered to prepare you for the upcoming ZSA (Zharnyx SOC Analyst) certification — a 100% hands-on, no-MCQ practical exam. Currently in active development.