Advice On Becoming a Better Security Analyst. (SoC)

MagnumOpus Member Posts: 107
New to the field and absolutely love it! For those having made a career of this field, what advice can you give in mastering the art of working in the SoC?


  • ramrunner800 Member Posts: 238
    It's a bit tough to answer this question because a SOC can be very different from one organization to the next. Do you have any specific areas you feel deficient in? I feel that understanding of attacker methodology and knowledge of cutting-edge threats go far in any SOC. Practicing your offensive skills in a lab environment while also performing network security monitoring through something like Security Onion helps with this. Other helpful things you can do are reading sites like the SANS Internet Storm Center and contagiodump. These will help you in keeping up to date with the latest attacker TTPs.
    Currently Studying For: GXPN
  • FillAwful Member Posts: 119 ■■■□□□□□□□
    Thanks for that list ramrunner, I was looking for sites exactly like this.
  • E Double U Member Posts: 1,724 ■■■■■■■■■□
    Here you go:

    What technology do you have access to?
    Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, Azure Security Engineer Associate, ITIL 4 Foundation, and more.

    2020 goals: AZ-900, AZ-500, GDSA, ITILv4

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • AnthonyG Member Posts: 44 ■■□□□□□□□□
    A good friend of mine in the security field gave me this, it might be useful for you:

    Below are some sites that I frequent for security information -- I hope you find what you need here.

    - SANS and their Internet Storm Center is a great place for in-depth security news/training. I usually check this site several times a week.
    SANS Information Security Training | Cyber Certifications | Research

    - Vulnerabilities with working exploit code -- I scan through this once a week or so to see if there is something I missed.

    - Purdue's Cassandra: you can input a product name or keyword and it will automatically send you future vulnerability information via e-mail from many different sources matching your product or keywords.

    - Vulnerability advisories


    - Good place with vulnerability information organized well.

    CVE security vulnerability database. Security vulnerabilities, exploits, references and more

    - This site is good for scanning something that is suspected malware with approximately 50 antivirus products -- sometimes a piece of malware you scan isn't found by any of the 50 products :)

    - General security news. Sometimes ArsTechnica has some good security articles.

    Risk Assessment | Ars Technica

    - Metasploit Pen testing software

    Penetration Testing Software | Metasploit

    - Nessus vulnerability scanner. Their newest plugins can reveal additional vulnerabilities.
    Nessus Plugins

    - Website site checks - Free URL scanner
    Wepawet » Home

    - Malware domains
  • MagnumOpus Member Posts: 107
    Just wanted to officially reply to this thread as I became too busy with my career path. Everything stated here was rock solid, thanks a million guys. I will finally have Security Onion up and running next week.

    Thanks again!
  • Burnsie Member Posts: 84 ■■□□□□□□□□
    Tagging this for future use. Great info.

  • gespenstern Member Posts: 1,243 ■■■■■■■□□□
    Know the infrastructure, first and foremost. Windows or Mac or Linux or mobile OS, whatever your users use, know it at least on a sysadmin level.