Hello, I am your latest sub. It's nice of you to make videos on the cyber security SOC analyst role, thanks a lot 🙏 I have a question: someone gave me this roadmap to become a SOC analyst: 1: Google Cybersecurity Certificate 2: CompTIA Security+ 3: Blue Team Level 1. What do you think? Do you think I can land a job with just these 3 certificates? Is this roadmap good?
@MyDFIR ok, in a RU-vid short interview video, a man said one of his roles as a SOC analyst is penetration testing. My second question is this: is penetration testing necessary too? And you always talk about a cloud certificate; which one can I add to my roadmap?
I found that Microsoft Security Operations Analyst Associate is an intermediate course. So is the Microsoft fundamentals course required if I have done the SOC analyst course from LetsDefend?
A very informative video bro... I would like to suggest something: whenever you record the screen and perform a task, just make sure that you zoom in to the part you are referring to on the screen at that point, as it looks very tiny when you explain a particular thing without zooming in on it. Thanks for this video 🙂💯
Thank you very much for walking through this project; it has been a really great learning experience. I have a question: I used a VM instead of a cloud server for the endpoint and found that there were two instances installed with sensors and the isolation was stuck in waiting status. Can you please explain if this is the expected behavior when using a VM as the endpoint?
Hi, and thanks for your content!! I've been going through a ton of your videos lately attempting to make a decision on my next certificate. A little background: I just graduated with my BS in cyber from WGU and hold A+ through Pentest+, and also have SSCP and LPI Linux Essentials. I also have a few years of professional general IT background. While the program imo was great, I am now looking to put my theoretical knowledge into hands-on practice, leading me here :). I currently have the funds to pursue CCD and after all my research believe it is one of the best blue team certs I've found. My question to you is, hearing my background, do you believe it is worthwhile in my current position (do I have the background necessary, is this a good next step to break into the field?) or should I start elsewhere? It would be my first hands-on certificate outside of VMs and a bit of THM. Thank you!
It will be a bit advanced and you may feel lost at times, but this is where you take notes and revisit those weak points. I think going for CCD is a great idea! My go-to path would be: CCD, MDSA, SC-200, in that order. CCD for the tooling, MDSA for investigations, SC-200 to round out my skillset.
Thank you for the info! I believe I will be taking the plunge. Wish me luck! I plan on shifting more into red team certs afterwards as it’s my main interest. Will see where I decide to go after passing 🙏
@MyDFIR yeah I did, I used Chrome, Firefox, even the Microsoft browser, but it kept saying "network pending" while my network ping was showing stable. Is there any other way I can get the Sysmon config file so that I can finish your homelab intro project? 🥹🥹🥹
Question! When I got into Windows, how do I get an internet connection? Sounds easy, but being on a VM it's hard to connect to use the internet, like when you type the IP and port number 9999.
For use cases, you'll want to read threat briefs and understand what data sources a company has. Not all use cases can be treated the same. Understand the company's risk and tailor the use case from there.
Is this really the case? I have 20+ years of experience as a software engineer and I'm switching to security. I was told that there are like 10 blue team jobs for every 1 red team job.
This was super informational! Thank you for doing the legwork & explaining the different options we have available for us to use. I currently have an account for THM, where I'm finishing up the Web Fundamentals module, & then I'll switch over to the SOC 1 module afterwards. I'm also studying for my CySA+ exam so I definitely have my hands full haha.
I wouldn't, but you can definitely try. I can't remember off the top of my head, but you can check to see if pfSense has any services similar to Pi-hole that you can install on top of it.
Damn son, you have me convinced 🤯 I think I want to take Josh's course first because it seems more entry-level and I want to do cloud security, but then I'm going to take your course after for the projects. Honestly, after reviewing both website courses, yours looks like the most bang for the buck. I love the hands-on approach. Thank you for taking the time to create this video ❤
Love that! Ultimately, you can't go wrong with any of these courses, but if you do choose mine... thank you. To add on, I would even couple my course with SC-200 self-paced training to make you an extremely attractive candidate!
I have the LetsDefend cert, but I want to take TryHackMe too, because it has L1 and L2, and it introduces different tools, for example Snort and Suricata, which we don't actually get to test in LetsDefend (they are mentioned in LetsDefend but there are no labs related to that), and then start creating labs. I feel like I might be missing out on some things, and if I learn the same topics again I can understand them better, right :)
So which certification do you recommend after BTL1? I was thinking some red team certs like HTB CPTS to round out my knowledge, but what do you recommend?
@MyDFIR landing a SOC position or analyst position. I've applied to about 300+ positions and no luck. I have a portfolio with about 5 labs/projects, some of which came from your videos, and I'm currently in a help desk position, which I find really boring. In terms of certs I have BTL1, Sec+, Net+, A+. I know getting a job right now feels like a lottery, but the least I can do while job hunting is to learn more.
Gotcha, I mean it wouldn't hurt to spend some hours looking at the red team side of things. Eventually that is what you want to do to get a better understanding of how attacks work. However, if I were in your shoes while applying, I would spin up a GitHub and start learning how to build detections/alerts from activity generated by Atomic Red Team, while keeping up to date with threat briefs from Mandiant, Red Canary, CrowdStrike, any of the big players, along with The DFIR Report to see realistic attacks. By doing this, you'll begin to learn more about what telemetry certain attacks leave behind, and when your opportunity comes knocking, you can impress them by talking about popular attacks and how you would detect them, and even show them.
This is the best. Do you recommend mixing the TryHackMe SOC Level 1 training and your course to maximize results? I like the way you teach, and I think since your training is based on investigations it will be very beneficial for me.
Q: For someone brand new to the market -- what prep would someone need prior to taking your MYDFIR SOC Course? Are the triad certs essential first (A+, Net+, Sec+)? Any need for cloud, bash, or other code/programming/scripting experience (either broad or language-specific) prior to buying in? Thanks in advance.
I would be at least comfortable with the trifecta certs theory-wise. I do walk you through various different types of investigations, and without theory knowledge it could be quite overwhelming. No need for cloud exp, but I do recommend having some familiarity with Linux and the CLI, as I have the students go through that to set up tools and such. I see my course as the "missing piece" after folks obtain their Sec+.
Seriously, THANK YOU! For the past 5 years I have been working as a Geographic Information Systems Analyst and I have recently graduated (May 2024 from Liberty University) with a BS in IT Data Networking and Security. Since graduation I have been struggling with "Imposter Syndrome" when looking to apply for jobs with the degree that I have just obtained. Someone suggested home labs as a way to fulfill the unreasonable experience requirement that many see on job postings. Your project videos are a "life-saver" for me and my family. I no longer feel lost and without direction, thank you!!!
NICE! Some resources you can check out to learn more & prepare are DFIR Diva, 13Cubed & SANS. Take note of what kind of forensics your potential employer deals with. For example, is it solely mobile forensics? Endpoint? Network? etc., and look for resources tailored to those.
I will check out your course. Three days after I commented about the price of your course, I got a new job in cybersecurity with a significant increase (75k increase). So now I will definitely have to step up my game.