Eric’s Substack

Share this post

Eric’s Substack
Eric’s Substack
So you want to be a SOC Analyst? 2.0
Copy link
Facebook
Email
Notes
More

So you want to be a SOC Analyst? 2.0

A revamp of the original SYWTBSA blog series, condensed and self-contained in a cloud-hosted lab VM. No local VM required!

Eric Capuano
Nov 03, 2023
19

Share this post

Eric’s Substack
Eric’s Substack
So you want to be a SOC Analyst? 2.0
Copy link
Facebook
Email
Notes
More
1
Share

Already a paid subscriber?

Take me to the lab!

What’s this about?

For those familiar with my free series, So You Want to be a SOC Analyst? — this is version 2.0 which follows the same path as the original but features a fully cloud-hosted VM which has been preconfigured for this lab. This saves a lot of time on setup, and removes any requirement for running VMs locally which is difficult or impossible for some users. I’ve also simplified the lab by putting Sliver inside of the Windows system, reducing it from 2 VMs to 1, making it even simpler to follow.

Take a glance at the sections covered by the original series to get a better understanding of what 2.0 will step through.

How does it work?

For paid subscribers, simply go here to get access to the lab. Once you get the lab invite email, you will sign in to the lab portal, power on your cloud VM, and use any Remote Desktop client to connect to the VM. Once you connect, the lab guide will automatically launch and guide you step-by-step through the entire series.

What will I need to have in order to do this lab?

Nothing more than a device that can make Remote Desktop connections. Even a tablet will do! (though, I highly recommend a device with a mouse/keyboard)

How is this different than the original, free SYWTBSA?

The primary difference is that the original series required you to download and setup two virtual machines. This is becoming more difficult for participants without powerful systems for running VMs, or those on ARM-type CPUs (Mac M1/M2). Now, you don’t have to download anything, and can connect to a cloud-hosted VM.

The other difference is that I have modified and improved several steps of the original labs to add some interesting new techniques… So there will be slight differences in the lab content itself.

Why is this a paid-subscriber lab when the original series was free?

Primarily because 2.0 requires use of VMs running in Azure which incur real costs for me. Paid subscribers help me cover these costs. I try to make most of my beginner content free.

I want to give it a try!

Great! If you haven’t already, upgrade to a paid subscriber, then head over here.

Take me to the lab!

Any paid subscription level becomes eligible for this, and all other paid-subscriber labs.

19

Share this post

Eric’s Substack
Eric’s Substack
So you want to be a SOC Analyst? 2.0
Copy link
Facebook
Email
Notes
More
1
Share

Discussion about this post

Dan Blandino
Nov 9

Hello Eric, great update on the SYWTBSA! If I'd like to add this to my resume, what would be the best resume bullets to highlight?

Expand full comment
Reply
Share

No posts

Ready for more?

© 2024 Eric Capuano
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More