CyberBlueSOC Academy

The Complete Blue Team & SOC Training Program

From Zero to Battle-Ready SOC Analyst.

100+ hours18 Modules94+ Hands-on Labs

Course Path

Inside the SOC

Master your tools and become the eyes of the SOC

2 Modules15 Lessons12 Labs

Module 1: The SOC — Your War Room

Understand where you work, what you protect, and how everything connects.

Free

5 Lessons4 Labs

Module 2: SIEM Mastery — Eyes on Everything

The SIEM is your command center. Master it.

Free

10 Lessons8 Labs

Wazuh

Deep Analysis

Know what's normal, spot what isn't, and triage with confidence

3 Modules19 Lessons18 Labs

Module 3: OS Internals for Defenders

Know what normal looks like — so you can spot what isn't.

Free

6 Lessons6 Labs

Velociraptor, Wazuh

Module 4: Alert Triage — The Core Skill

SOC analysts do this 80% of the time. Get fast. Get accurate.

Free

7 Lessons6 Labs

Wazuh, CyberChef

Module 5: Phishing Analysis & Email Security

The #1 attack vector. Learn to dissect it.

Free

6 Lessons6 Labs

CyberChef, Wazuh

Threat Investigator

Follow the trail across network, intel, endpoint, and disk

4 Modules26 Lessons23 Labs

Module 6: Network Detection & Forensics

Attacks cross the network. Catch them and dissect them.

Free

8 Lessons7 Labs

Suricata + EveBox, Wireshark / tshark

Module 7: Threat Intelligence — Know Your Enemy

Don't investigate blind. Use intel to move faster and smarter.

Free

7 Lessons6 Labs

MISP + ATT&CK Navigator

Module 8: Endpoint Visibility & Response

The endpoint is where attacks land. Learn to look inside it.

Free

5 Lessons4 Labs

Velociraptor

Module 9: Digital Forensics

Recover evidence. Reconstruct the attack. Build the timeline.

Free

6 Lessons6 Labs

Velociraptor, Volatility 3

Detection Engineer

Write the rules that catch tomorrow's threats

3 Modules19 Lessons18 Labs

Module 10: YARA — Malware Detection & Hunting

Write rules that find malware. Hunt across files, endpoints, and memory.

Free

6 Lessons6 Labs

YARA, Velociraptor, CyberChef

Module 11: Malware Analysis Fundamentals

Understand what malware does — static, dynamic, and document-based.

Free

6 Lessons6 Labs

YARA, CyberChef, oletools

Module 12: Sigma — Detection Engineering

Write universal detection rules. Make your SIEM smarter.

Free

7 Lessons6 Labs

Sigma, Wazuh

Threat Hunter

Hunt what detections miss, respond when it's real, automate the rest

3 Modules18 Lessons17 Labs

Module 13: Threat Hunting — Find What Detections Miss

Don't wait for alerts. Go find the threats your detections missed.

Free

6 Lessons6 Labs

Wazuh, Suricata + EveBox, Velociraptor

Module 14: Incident Response & Case Management

When something is real — contain, investigate, document, close.

Free

7 Lessons6 Labs

TheHive + Cortex

Module 15: Security Automation & AI-Assisted Operations

Automate the repetitive, augment with AI. Focus on what requires a human.

Free

5 Lessons5 Labs

Shuffle

Battle-Ready Operator

Validate defenses, defend the cloud, prove you're ready

3 Modules10 Lessons10 Labs

Module 16: Attack Simulation & Detection Validation

Test your defenses. Close the purple team loop.

Free

5 Lessons5 Labs

Caldera, Atomic Red Team, Wazuh

Module 17: Cloud SOC — Defending Beyond the Perimeter

Cloud-native logging, attack patterns, and detection for AWS, Azure, and GCP.

Free

4 Lessons4 Labs

Wazuh

Module 18: Final Mission — The Full Incident

One scenario. Every skill. Prove you're battle-ready.

Free

1 Lessons1 Labs

Wazuh, Suricata + EveBox, MISP + ATT&CK Navigator, Velociraptor, TheHive + Cortex, Shuffle