Thank you, for all you do. I built another SOC environment yesterday with Graylog as SIEM, OSSEC as EDR, Suricata as IDS, TheHive as a Ticketing system, Kali as an attack machine, Windows 10, and Ubuntu as target machines. This coupled with your 30-day SOC analyst challenge we did last year, I am enjoying playing around with different environments. I also have a malware analysis lab with FlareVM and Remnux.
I am learning and growing on this path with a lot of thanks to you, mentor❤
Sounds like a great setup! Nicely done 💙
@MyDFIR Thank you
Can you make a video on how to document the Project ?
This would be really helpful 👍
@ffhub1633 Yes please 🙏
This will be really nice indeed
6:37
@brendurant link?
Great video! I did the home lab and mixed it with the AD project to create one project to practice network penetration testing (all of the machines are connected with pfSense and divided into different subnets). Then I used your videos from the EDR project and made a phishing simulation. I used Ubuntu as the attacker machine and Windows as the victim. Snort is the IDS, LimaCharlie is the EDR, and I am using the YARA scanner from LimaCharlie, Splunk and Sysmon. All of the logs except LimaCharlie are sent to Splunk for analysis. I implemented the cyber kill chain for the attack and the NIST incident response framework.
That's amazing!!! It sounds like you have a well-rounded project 💪
@MyDFIR All thanks to you and the TCM Security SOC 101 course; most of the gaps in my project I filled with your videos, and I had a lot of them when I built it. Can't wait to see you in the Blue Team livestream tomorrow
Thank you Steven 🤝
You're welcome!
Thanks Steven 👍
Thanks for watching 💙
Thanks for always Steven
You’re most welcome 💙
Thanks Steven. I've been engaging in your projects and I'm pretty sure I'll land an offer soon.
Let's go! It's only a matter of time 💪
These projects are gold! Perfect for anyone looking to make their mark as a SOC Analyst.
@MatthewSanders-l7k you work in SOC?
Thank you!
The GOATTT
Appreciate you 💙
Almost done with completing the LetsDefend SOC analyst path course, then my goal was to do your projects here on YouTube (:
Awesome!! Hope you’re learning lots 💪
hello, want to be in DFIR any tips? and projects? and where to start
Great question, what is your background? Where in DFIR would you want to get into? Books are a great way to learn topics and doing labs from CyberDefenders is how I got started (wanted to get into Endpoint/Network forensics)
I'm just finishing up the SOC automation project. Would a static/dynamic malware analysis project pair well for a blue team resume? It would utilize reverse engineering, packet capture, and some scripting for automation.
I think that would be a great idea. It’ll showcase hiring managers that you have some experience in that area which is helpful if needed to find additional IOCs!
This is great, but why not introduce the projects in the order you recommend we do them in?
Great question - tbh I went with the date posted, probably should've gone with what I recommended haha but oh well, it's in the action plan!
SOC course not open for enrollment?
It is open! Happy to answer any questions you may have 💙
Great video as always. 🫡
Thanks again!