This program is designed for beginners who are new to Blue Team operations and possess a foundational understanding of cybersecurity concepts. It is ideal for individuals seeking to develop core Blue Team skills through engaging, hands-on activities using Splunk Enterprise and the Windows operating system.

An experienced instructor will be available throughout the course to provide guidance and support, ensuring participants build both the technical skills and confidence needed to succeed.
The course offers introductory, hands-on exploration of Defensive Security Operations Center (SOC) investigations. Participants assume the role of a SOC analyst at a fictitious organization tasked with identifying evidence of an active security breach and determining the attacker’s initial point of entry. This experiential learning approach provides practical exposure to real-world investigative scenarios.
• High School Cybersecurity Students
• Entry-Level Cybersecurity Students
• Novice SOC Analysts/Engineers
• Initial Access: Identifying how the attack originated
• Lateral Movement: Analyzing how the attacker moved within the environment
• Discovery: Understanding how the attacker identified and explored victim hosts
• Endpoint Analysis: Investigating Windows-based systems using Splunk Enterprise
• Foundational understanding of cybersecurity concepts
Workstation Requirements
• Google Chrome browser with Remote Desktop Protocol (RDP) support
• Supported operating systems: Windows, Linux, or macOS
• Chromebooks, tablets, and mobile phones are not supported
• Participants using systems with restrictive security configurations (e.g., Endpoint Detection and Response [EDR] solutions) are advised to temporarily disable these features, as they may interfere with lab activities
• When possible, participants are encouraged to use personal laptops to avoid organizational security restrictions
Network Requirements (if format is ONLINE)
• A minimum of 3 Mbps of internet bandwidth per participant
• No firewall restrictions that block required ports or IP addresses
• Preferred network access configuration:
• Whitelist *.cywaria.net/ and ensure access to port 8443
• An unrestricted internet connection with no port or IP filtering is ideal
• If feasible, participants are encouraged to bring or use personal mobile hotspots