Certified Security Operations Center Practitioner (CSOCP)

The number of successful data breaches continues to increase every day. Adversaries seem to have the upper hand, as many organizations fail to detect these breaches effectively and respond to them quickly. Over 80% of all breach victims learn of a compromise from third-party notifications, not from internal security teams, and are often caught by surprise.

A Security Operations Center (SOC) monitors enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops and other endpoints). The Security Operations Center allows an organization to enforce and test its security policies, processes, procedures and activities through one central platform that monitors and evaluates the effectiveness of the individual elements and the overall security system.

At Network Intelligence, we are conducting our flagship Certified Security Operations Center Practitioner (CSOCP) training. The 16-hour online course is spread across 4 days, 4 hours each. The CSOCP training is focused on the deployment and operation of the SOC. Once this course is completed, you will have the skills to perform your SOC responsibilities effectively. Instructors will teach you the skills to analyse and detect threats to an organization through demonstrations, labs, and lectures.

Training dates:

Americas & Europe:

  • Date: 4th – 7th December 2023
  • Timing: 2:00 PM – 6:00 PM GMT
  • Mode: Online through Microsoft Teams
  • Region: Americas & Europe
  • Fees:
    • USD $ 150 (ISACA/ISC2 Member)
    • ISACA/ISC2 Member: USD $120

Asia & Middle East:

  • Date: 27th – 30th November 2023
  • Timing: 6:00 AM – 10:00 AM GMT
  • Mode: Online through Microsoft Teams
  • Region: Asia & Middle East
  • Fees:
    • USD $ 150 (ISACA/ISC2 Member)
    • USD $ 200 (Regular Participant)

The objective of the program:

The course covers the following functional areas: Communications, Network Security Monitoring, Threat Intelligence, Incident Response, Forensics, and Self-Assessment. Security Operations Centers are used to monitor, detect, respond to and mitigate threats to the organization.

Who should attend?
  • Cyber Security professionals
  • Blue Team Members
  • SOC Specialists
  • SOC Leaders and Managers
Table of Contents:
Day 1: Security Operations Center Concepts
  • What is SOC
  • Evolution of SOC
  • Why is it required? (Objectives)
  • SOC Infrastructure
  • Log management
    • Computer Security Log Management
    • Log Management Infrastructure
    • Log Management Planning
    • Log Management Operational Process
Day 2 & 3: SIEM (Security Information & Event Management)
  • Introduction to SIEM
  • SIEM Architecture
  • Logs and Events
  • Understanding logs, various formats
  • Log Baselining
  • Aggregation and normalization
  • Event Collection and Event Correlation
  • Correlation Rules
  • IBM QRadar
    • Components
    • Console Overview
    • LIVE Demo
Day 4: Incident Response
  • Incident Response Plan
    • Purpose of Incident Response Plan?
    • Requirements of Incident Response Plan?
    • Preparation?
  • Incident Management
    • Purpose of Incident Management
    • Incident Management Process
    • Incident Management Team
  • Incident Response Team
    • Incident Response Team Members
    • Incident Response Team Members Roles and Responsibilities
    • Developing Skills in Incident Response Personnel
    • Incident Response Team Structure
    • Incident Response Team Dependencies
    • Incident Response Team Services
    • Defining the Relationship between Incident Response, Incident Handling, and Incident Management
    • Incident Response Best Practices
    • Incident Response Policy
    • Incident Response Plan Checklist
  • Incident Response and Handling Steps
    • Step 1: Identification
    • Step 2: Incident Recording
    • Step 3: Initial Response
    • Step 4: Communicating the Incident
    • Step 5: Containment
    • Step 6: Formulating a Response Strategy
    • Step 7: Incident Classification
    • Step 8: Incident Investigation
    • Step 9: Data Collection
    • Step 10: Forensic Analysis
    • Step 11: Evidence Protection
    • Step 12: Notify External Agencies
    • Step 13: Eradication
    • Step 14: Systems Recovery
    • Step 15: Incident Documentation
    • Step 16: Incident Damage and Cost Assessment
    • Step 17: Review and Update the Response Policies
Terms & Conditions:
  • Fees, speakers and dates are subject to change.
  • Any cancellations received within the last ten calendar days would be liable for 50% of the course fees. Cancellations must be received in writing at least one week before course commencement. No-shows would be fully charged.
  • Registered attendees who are unable to attend the above course can send replacements subject to one week’s notification.
Privacy Notice:

We are committed to respecting your privacy and we recognize the importance of protecting the information collected about you. All of the personal information that you have submitted during registration shall only be used in relation to your attendance at this event (i.e., processing of payments, issuance of the certificate, sending of any announcements, future events and activities). All the information that you have provided in relation to this event shall be protected with reasonable and appropriate measures and shall only be retained as long as necessary for its processing.