Discover more from Eric’s Substack
So you want to be a SOC Analyst? 2.0
A revamp of the original SYWTBSA blog series, condensed and self-contained in a cloud-hosted lab VM. No local VM required!
What’s this about?
For those familiar with it, this is version 2.0 of my free series, So You Want to be a SOC Analyst? It follows the same path as the original but features a fully cloud-hosted VM that has been preconfigured for this lab. This saves a lot of time on setup and removes any requirement for running VMs locally, which is difficult or impossible for some users. I’ve also simplified the lab by putting Sliver inside of the Windows system, reducing it from 2 VMs to 1, making it even simpler to follow.
Take a glance at the sections covered by the original series to get a better understanding of what 2.0 will step through.
How does it work?
For paid subscribers, simply go here to get access to the lab. Once you get the lab invite email, you will sign in to the lab portal, power on your cloud VM, and use any Remote Desktop client to connect to the VM. Once you connect, the lab guide will automatically launch and guide you step-by-step through the entire series.
What will I need to have in order to do this lab?
Nothing more than a device that can make Remote Desktop connections. Even a tablet will do! (Though I highly recommend a device with a mouse/keyboard.)
How is this different than the original, free SYWTBSA?
The primary difference is that the original series required you to download and set up two virtual machines. This is becoming more difficult for participants without powerful systems for running VMs, or those on ARM-type CPUs (Mac M1/M2). Now, you don’t have to download anything, and can connect to a cloud-hosted VM.
The other difference is that I have modified and improved several steps of the original labs to add some interesting new techniques… So there will be slight differences in the lab content itself.
Why is this a paid-subscriber lab when the original series was free?
Primarily because 2.0 requires use of VMs running in Azure which incur real costs for me. Paid subscribers help me cover these costs. I try to make most of my beginner content free.
I want to give it a try!
Great! If you haven’t already, upgrade to a paid subscription, then head over here.
Any paid subscription level is eligible for this and all other paid-subscriber labs.