Blue team - SOC practice lab

gunmrgunmr Member Posts: 14 ■■□□□□□□□□
Hi,

Is there any certification or environment for practicing blue team skills?

Comments

  • stryder144stryder144 Senior Member Member Posts: 1,675 ■■■■■■■■□□
    If you have the know how and a suitable computer, you can use Splunk to monitor VMs and use a book like 30Bird's CySA+ book/VM labs to build your skillset.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,226 Mod
    eLearnSecurity have a incident handling and DFIR certs that are lab based
  • NyblizzardNyblizzard Member Posts: 332 ■■■■□□□□□□
    https://securityblue.team/

    This is what you're looking for. They just recently launched their first certification.
    O
    /|\
    / \
  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK Member Posts: 515 ■■■■■■■■□□
    There are two different types of blue teams, imo. The one where you live in a SOC and you want infosec knowledge. These can be CompTia's CySA+ or maybe something from SANS/GIAC. For labs, Security Onion is a place you could start. That said, I think all of the blue type stuff are self-hosted, rather than something you can log into and play around with.
    If you're new to infosec, there's always the Security+ -> SSCP/CISSP track to follow, too.


    And the rest are people who secure systems/design security, and often any cert you can think of that goes over how to build/operate a technology is going to be worthwhile. You want to secure Azure or AWS? Yes, there are security tracks, but you also need to know how to build/operate Azure and AWS.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2020 goals: AWS Security Specialty, maybe AWAE or SLAE, CISSP-ISSAP?
  • tripleatriplea Senior Member UKMember Posts: 189 ■■■■□□□□□□
    sign up for the Splunk fundamentals 1 - its free and fun to complete and you get a completion cert at the end. You can then pay for CORE user if you want to go further.
  • gunmrgunmr Member Posts: 14 ■■□□□□□□□□
Sign In or Register to comment.