sergiolopfer84/soc-analyst-learning-path

SOC Analyst Learning Notes (TryHackMe)

This repository contains my structured notes and practical concepts learned while completing the TryHackMe SOC Level 1 learning path.

The goal of this repository is to document key knowledge areas required for a SOC analyst role, including:

  • Alert triage
  • Incident reporting and escalation
  • Attack vectors targeting systems
  • SOC performance metrics
  • Context enrichment and investigation workflows

These notes are based on hands-on labs and theoretical modules from the TryHackMe platform.


Repository Structure

Section | Topic
--------|----------------------------------
01      | Alert Triage
02      | Reporting & Escalation
03      | Systems as Attack Vectors
04      | SOC Metrics
05      | Context Enrichment & SOC Workbooks

Key Learning Areas

  • Alert triage methodology
  • True Positive vs False Positive classification
  • Incident reporting using the 5W model
  • Understanding attack vectors and system vulnerabilities
  • SOC performance metrics (MTTD, MTTA, MTTR)
  • Investigation workflows using asset inventories and identity sources

Source

Training material from:

TryHackMe – SOC Level 1 Path
