CrowdStrike For SOC Analysts

Disclaimer: This course is offered independently by Blue Team Consulting, LLC and is not affiliated with CrowdStrike, Inc.
File size: 3.72 GB
Total length: 5h 16m



Hailie Shaw

What you’ll learn

Create Custom Rules and Policies
Understand CrowdStrike Fundamentals
Analyze Endpoint Data
Detect and Investigate Threats
Console Navigation and Features
Real Time Response Actions and Scripts
Threat Hunt in CrowdStrike

Requirements

A connection to the internet


Module 1: Console Overview
Get acquainted with the CrowdStrike console, your command center for proactive threat detection and incident response. Explore its interface, functionalities, and navigation to build a solid foundation for the rest of the course.

Module 2: Where to Spend Your Time
Learn to prioritize effectively in a dynamic threat landscape. Understand the critical areas of focus within the CrowdStrike console so you can spend your time where it matters most for SOC work.

Module 3: Triaging a Detection
Master rapid detection triage. Develop the skills to assess the severity of a detection, determine its scope, and decide on the appropriate immediate actions.

Module 4: Useful Open Source Tools to Use
Discover a curated toolkit of open-source resources that complement the CrowdStrike platform. Explore how to leverage these tools to enhance your threat intelligence and investigative capabilities.

Module 5: Event Search / Splunk Queries
Delve into advanced event search techniques and learn how to craft powerful queries in Splunk. Learn how to conduct host analysis and leverage endpoint logs to your advantage.

Module 6: Real-Time Response Features
Equip yourself with CrowdStrike's real-time response arsenal. Dive into containment strategies, remote actions, scripting, and other instant response capabilities.

Module 7: Sandbox & Blocking Actions
Explore the CrowdStrike sandbox environment and understand its role in threat analysis. Learn to implement blocking actions effectively to halt threats in their tracks.

Module 8: Whitelisting / Exclusions
Navigate the nuances of whitelisting and exclusions. Gain insight into striking the right balance between security and operational efficiency.

Module 9: Putting It All Together
Immerse yourself in realistic scenarios where you'll apply your newfound knowledge. Walk through end-to-end incident response processes, from detection to resolution.

Module 10: Where to Go Next
Chart your future course in cybersecurity. Discover avenues for continued learning, specialization, and skill refinement to stay ahead in the ever-evolving threat landscape.


Section 1: CrowdStrike: for SOC Analysts

Lecture 1 Introduction

Lecture 2 Module 1a: Console Overview

Lecture 3 Module 1b: Demo of the Console Overview

Lecture 4 Module 2a: Where to Spend Your Time

Lecture 5 Module 2b: Demo of the Important Menu Items

Lecture 6 Module 3a: Triaging a Detection

Lecture 7 Module 3b: Demo of Detection Triage

Lecture 8 Module 4: OSINT Tools to Leverage

Lecture 9 Module 5a: Event Search / Splunk Queries

Lecture 10 Module 5b: Demo of Searching Endpoint Logs

Lecture 11 Module 6a: Real Time Response Features

Lecture 12 Module 6b: Demo of Real Time Response

Lecture 13 Module 7a: Sandbox & Blocking Actions

Lecture 14 Module 7b: Demo of Sandbox Detonation and Performing Blocks

Lecture 15 Module 8a: Whitelisting / Adding Exclusions

Lecture 16 Module 8b: Demo of How to Add Exclusions

Lecture 17 Module 9: Putting it All Together!

Lecture 18 Module 10: Where to Go Next

Who this course is for:

Cybersecurity Practitioners
Incident Responders
Threat Hunters
IT Professionals Transitioning to Security
SOC Analysts
Threat Intelligence Analysts

Course Information:

Udemy | English | 5h 16m | 3.72 GB
Created by: Hailie Shaw