BTLO Replay: SOC ALPHA 1 | Security Operations Lab Walkthrough

Video description for BTLO Replay: SOC ALPHA 1 | Security Operations Lab Walkthrough

Welcome to BTLO Replay, a video series that will take you through retired BTLO labs. Videos posted every Friday at 6pm BST.

This week’s lab is SOC ALPHA 1, a SOC investigation that requires you to analyze various alerts.

Difficulty: Easy

The SOC ALPHA 1 scenario:

You are a SOC analyst, and handling the alerts in your SIEM (ELK) is part of your daily duties. You must answer the questions by analysing the alerts provided in the accompanying text file.

0:00 – Introduction
1:40 – README.txt and prep
3:25 – Question 1
4:50 – Kibana
5:10 – Question 1 cont.
8:50 – Question 2
9:27 – Question 3
12:23 – Question 4
16:21 – Question 5
18:44 – Question 6
19:55 – Question 7
20:22 – Summary

--

Powered by global blue team training provider, Security Blue Team, BTLO is a gamified platform for defenders to sharpen their skills during engaging security investigation and challenge scenarios.

The BTLO Replay series takes viewers through walkthroughs of retired labs. Visit the BTLO website to take on these challenges for yourself and discover new labs launching regularly.

SUBSCRIBE: @blueteamlabsonline
WEBSITE: https://blueteamlabs.online
TWITTER: @bluelabsonline
LINKEDIN: blue-team-labs-online
