SOC/CERT certificates?

Hi, what certificates that can be made online will be good for SOC/CERT in your opinion?

Find more posts tagged with

Comments

eth0 wrote: »

Hi, what certificates that can be made online will be good for SOC/CERT in your opinion?

I know that I've seen other posts here that cover this topic, so you may want to look around a bit. Off the top of my head, I believe there's a Wireshark cert that's available to be challenged online. This would be a good one for a SOC analyst.

Ac3

GCIH - For Incident Handler. Please do check the SANS / GIAC Certification section for SANS 504.

JDMurray

Look at job postings for the types of SOC or CIRT you want to work in and see what they are asking for in the way of skills and certs. If you are looking for Network SOC work then you better know how to read log files, packet captures, and NetFlow info. I recommend the GCIA (SANS 503) for this. Having hands-on knowledge of how to use a SIEM is excellent, as is writing rules for network firewalls and IDS/IPS. Look into Splunk, Snort, and pfSense for these. Finally, an invaluable skill to have for SOC/CIRT work is a mastery of Excel. It can save you so much time combing through CSV files if you know how to filter and pivot well.