SOC/CERT certificates?

eth0 Member Posts: 86
Hi, what certificates that can be made online will be good for SOC/CERT in your opinion?

Comments

  • bryanthetechie Member Posts: 172
    eth0 wrote: »
    Hi, what certificates that can be made online will be good for SOC/CERT in your opinion?
    I know that I've seen other posts here that cover this topic, so you may want to look around a bit. Off the top of my head, I believe there's a Wireshark cert that's available to be challenged online. This would be a good one for a SOC analyst.
  • Ac3 Registered Users Posts: 4
    GCIH - For Incident Handler. Please do check the SANS / GIAC Certification section for SANS 504.
  • JDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USA Admin Posts: 11,823
    Look at job postings for the types of SOC or CIRT you want to work in and see what they are asking for in the way of skills and certs. If you are looking for Network SOC work then you better know how to read log files, packet captures, and NetFlow info. I recommend the GCIA (SANS 503) for this. Having hands-on knowledge of how to use a SIEM is excellent, as is writing rules for network firewalls and IDS/IPS. Look into Splunk, Snort, and pfSense for these. Finally, an invaluable skill to have for SOC/CIRT work is a mastery of Excel. It can save you so much time combing through CSV files if you know how to filter and pivot well.