​Why Good SOC Analysts Know Offense & Defense

If you’re a SOC analyst or managing them, it’s important to know what factors build proficiency. The first is your mindset. Many SOC analysts spend a lot of time on the system administration and log monitoring. You’ve got to understand both offense and defense at a deep level to become proficient as a SOC analyst. Both drive each other. As a blue teamer, knowing proper exploitation methods helps you hunt threat actors on a network. As a red teamer, knowing how detection engineering works helps you design attacks that are much stealthier. The second factor for SOC analysts is to build and train on a home lab. A home lab is like a gym for SOC analysts. Gyms help athletes become faster and stronger. Home labs help you become more proficient with both offensive and defensive tools. You don’t need many resources to build a home lab. A desktop tower with enough RAM and CPU lets you virtualize operating systems or network appliances like firewalls. If you’re on a budget, a few Raspberry Pi’s and your laptop, physically wired to a cheap switch, can be enough as well. The third factor for successful SOC analysts is constant love for learning. Whether you’re a voracious reader or binge watcher, there're resources everywhere. Blog articles, tweets, books, podcasts, YouTube, can all guide you along the learning path. In many cases, they can be more valuable than an actual cyber security course! Good SOC analysts know how to track resources to stay organized or reference back to later. Simple tools like OneNote, Google Drive, and Bookmarks can all do the trick. The road to mastery is long. But armed with these three pieces, it’s much more attainable than you think. Level Up. FULL INTERVIEW: https://youtu.be/5oGQNu4CJL8 00:00 Building a Home Lab 01:30 Offensive and Defensive Toolkits 03:15 How to Keep Track of Tools & Resources 03:57 Red vs. Blue Mindsets 05:03 Are Cyber Security Certifications Valuable? 06:16 SOC Analyst Skills and Salaries 07:45 Interviewing for a Cyber Security Job 09:12 The Journey from Beginner to Pro 11:24 Tips as a Technical Leader 12:51 Security Advice for Your Mother #SOCAnalyst #CyberSecurity #Cyberspatial