You will learn the fundamentals of how a SOC operates, including organizational structure, roles, responsibilities, and workflows. It introduces continuous monitoring, escalation processes, and the key functions of the SOC team in defending an organization.
Explore common cyber threats, indicators of compromise (IoCs), and the methodologies used by attackers. This module teaches you how to identify the tools, techniques, and procedures (TTPs) used in cyberattacks, based on models such as the Kill Chain and MITRE ATT&CK.
You will learn to differentiate between events and true security incidents, as well as to manage and analyze logs from multiple sources (firewalls, IDS/IPS, endpoints). It also covers centralized log management (CLM) concepts.
This module focuses on the use of SIEM tools (such as Splunk, ELK, AlienVault) for threat detection. You will learn to develop and apply correlation rules, generate alerts, and visualize suspicious events at different layers: application, network, and host.
Here you will learn to integrate threat intelligence sources into SIEM platforms. The goal is to strengthen the ability to detect complex attacks early through the use of up-to-date feeds, threat pattern analysis, and advanced attack contexts.
This final module covers the entire incident response cycle: triage, containment, eradication, recovery, and reporting. It teaches how to generate tickets, document incidents, and collaborate with response teams (IRT/CSIRT) in real environments.
The C|SA program is designed as the professional entry point into Security Operations Centers (SOCs). Its goal is to train Tier I and Tier II analysts, providing intensive coverage of the fundamentals of monitoring, detection, event correlation, and incident response.
The course includes hands-on practice with SIEM tools, Threat Intelligence, and log analysis, simulating real-world scenarios.
At the end of the course, participants will be able to:
To fully benefit from the course, participants are required to have:
Certified SOC Analyst (C|SA) | Applies |
---|---|
Certified SOC Analyst (C|SA) | 24 hours |
The learning methodology, regardless of the modality (in-person or remote), is based on the development of workshops or labs that lead to the construction of a project, emulating real activities in a company.
The instructor (live), a professional with extensive experience in work environments related to the topics covered, acts as a workshop leader, guiding students' practice through knowledge transfer processes, applying the concepts of the proposed syllabus to the project.
The methodology aims for the student to understand the concepts and how they are applied in a work environment, rather than memorize them.
As a result of this work, at the end of the training the student will have gained real experience, will be prepared for work and to pass an interview, a technical test, and/or achieve higher scores on international certification exams.
You do not need to pay to pre-enroll. By pre-enrolling, you reserve a spot in the group for this course or program. Our team will contact you to complete your enrollment.
Make your payment quickly, safely and reliably
- For bank transfer payments, request the details by email at capacita@aulamatriz.edu.co.
- If you wish to finance your payment through our credit options (Sufi, Cooperativa Unimos or Fincomercio), click on the following link: View credit options.