Certified SOC Analyst (C|SA)
WhatsApp: +573224181125
customerservice@infinity.org

International Certification in SOC Analyst (C|SA)

The C|SA program is designed as the professional entry point into Security Operations Centers (SOCs). Its goal is to train Tier I and Tier II analysts, providing intensive coverage of the fundamentals of monitoring, detection, event correlation, and incident response. The course includes hands-o…

24 hours
Official Certificate
Expert Instructors
Online Learning
Reserve Your Spot View Syllabus
Certificación internacional SOC Analyst (C|SA)
EC-COUNCIL logo

The C|SA program is designed as the professional entry point into Security Operations Centers (SOCs). Its goal is to train Tier I and Tier II analysts, providing intensive coverage of the fundamentals of monitoring, detection, event correlation, and incident response.

The course includes hands-on practice with SIEM tools, Threat Intelligence, and log analysis, simulating real-world scenarios.

At the end of the course, participants will be able to:

  • • Apply threat intelligence to strengthen detection capabilities
  • • Develop hands-on skills with SIEM tools and escalation workflows
  • • Understand SOC procedures in a simulated, professional environment
  • • Prepare for the official C|SA certification exam (312-39)
  • • Analyze, detect, and respond to real-time security incidents

To fully benefit from the course, participants are required to have:

  • • At least 1 year of experience in networking or cybersecurity
  • • Basic knowledge of TCP/IP, firewalls, IDS/IPS, and log management
  • • It is also possible to enroll without prior experience by taking the official EC-Council preparatory course

Certificación internacional SOC Analyst (C|SA) Applies
Certificación internacional SOC Analyst (C|SA) 24 hours

Learning Methodology

The learning methodology, regardless of the modality (in-person or remote), is based on the development of workshops or labs that lead to the construction of a project, emulating real activities in a company.

The instructor (live), a professional with extensive experience in work environments related to the topics covered, acts as a workshop leader, guiding students' practice through knowledge transfer processes, applying the concepts of the proposed syllabus to the project.

The methodology seeks that the student does not memorize, but rather understands the concepts and how they are applied in a work environment.

As a result of this work, at the end of the training the student will have gained real experience, will be prepared for work and to pass an interview, a technical test, and/or achieve higher scores on international certification exams.

Conditions to guarantee successful results:
  • a. An institution that requires the application of the model through organization, logistics, and strict control over the activities to be carried out by the participants in each training session.
  • b. An instructor located anywhere in the world, who has the required in-depth knowledge, expertise, experience, and outstanding values, ensuring a very high-level knowledge transfer.
  • c. A committed student, with the space, time, and attention required by the training process, and the willingness to focus on understanding how concepts are applied in a work environment, and not memorizing concepts just to take an exam.

Pre-enrollment

You do not need to pay to pre-enroll. By pre-enrolling, you reserve a spot in the group for this course or program. Our team will contact you to complete your enrollment.

Pre-enroll now

Infinity Payments

Make your payment quickly, safely and reliably


- For bank transfer payments, request the details by email capacita@aulamatriz.edu.co.

- If you wish to finance your payment through our credit options
(Sufi, Cooperativa Unimos or Fincomercio), click on the following link:
Ver opciones de crédito.

To continue you must
Or if you don't have an account you must

Description

The C|SA program is designed as the professional entry point into Security Operations Centers (SOCs). Its goal is to train Tier I and Tier II analysts, providing intensive coverage of the fundamentals of monitoring, detection, event correlation, and incident response.

The course includes hands-on practice with SIEM tools, Threat Intelligence, and log analysis, simulating real-world scenarios.

Objectives

At the end of the course, participants will be able to:

  • • Apply threat intelligence to strengthen detection capabilities
  • • Develop hands-on skills with SIEM tools and escalation workflows
  • • Understand SOC procedures in a simulated, professional environment
  • • Prepare for the official C|SA certification exam (312-39)
  • • Analyze, detect, and respond to real-time security incidents

To fully benefit from the course, participants are required to have:

  • • At least 1 year of experience in networking or cybersecurity
  • • Basic knowledge of TCP/IP, firewalls, IDS/IPS, and log management
  • • It is also possible to enroll without prior experience by taking the official EC-Council preparatory course

offers

Certificación internacional SOC Analyst (C|SA) Applies
Certificación internacional SOC Analyst (C|SA) 24 hours

Learning Methodology

The learning methodology, regardless of the modality (in-person or remote), is based on the development of workshops or labs that lead to the construction of a project, emulating real activities in a company.

The instructor(live), a professional with extensive experience in work environments related to the topics covered, acts as a workshop leader, guiding students' practice through knowledge transfer processes, applying the concepts of the proposed syllabus to the project.

La metodología persigue que el estudiante "does not memorize", but rather "understands" the concepts and how they are applied in a work environment."

As a result of this work, at the end of the training the student will have gained real experience, will be prepared for work and to pass an interview, a technical test, and/or achieve higher scores on international certification exams.

Conditions to guarantee successful results:
  • a. An institution that requires the application of the model through organization, logistics, and strict control over the activities to be carried out by the participants in each training session.
  • b. An instructor located anywhere in the world, who has the required in-depth knowledge, expertise, experience, and outstanding values, ensuring a very high-level knowledge transfer.
  • c. A committed student, with the space, time, and attention required by the training process, and the willingness to focus on understanding how concepts are applied in a work environment, and not memorizing concepts just to take an exam.

Course Modules

Module 1: Security Operations and Management

You will learn the fundamentals of how a SOC operates, including the organizational structure, roles, responsibilities, and workflows. Continuous monitoring, escalation processes, and the key functions of the SOC team in defending an organization are introduced.

Explore common cyber threats, indicators of compromise (IoCs), and methodologies used by attackers. This module teaches you how to identify tools, techniques, and procedures (TTPs) used in cyberattacks, based on models such as the Kill Chain and MITRE ATT&CK.

You will learn to differentiate between events and true security incidents, as well as to manage and analyze logs from multiple sources (firewalls, IDS/IPS, endpoints). It also covers concepts of centralized log management (CLM).

This module focuses on the use of SIEM tools (such as Splunk, ELK, AlienVault) for threat detection. You will learn to develop and apply correlation rules, generate alerts, and visualize suspicious events across different layers: application, network, and host.

Here you will learn to integrate threat intelligence sources into SIEM platforms. The objective is to strengthen the early detection capability of complex attacks through the use of feeds, updated threat pattern analysis, and contexts of advanced attacks.

This last module covers the entire incident response cycle: triaging, containment, eradication, recovery, and reporting. It teaches how to generate tickets, document incidents, and collaborate with response teams (IRT/CSIRT) in real-world environments.

Download Syllabus