All tutorials
Tutorial category

Incident Response tutorials

Respond to incidents with structure and evidence

Learn the full incident lifecycle—detection, containment, eradication, recovery, and lessons learned—with templates and scenarios used by real IR teams.

Start featured tutorialBrowse full catalog

Featured in this category

Best place to start

SOC Analyst Foundation: Logs, Alerts and Incident Response

Strong starting point for alert-driven response and SOC workflows.

Beginner – Intermediate10–12 hours
Open tutorial

1

Curated tutorials

In catalog

6

Topic areas

How it works

Learn → practice → test → apply

Every tutorial in this category follows the same practical structure so you build real skills, not just theory.

1

Read & understand

Concepts with examples and diagrams

2

Practice

Labs, commands, and scenarios

3

Test yourself

Quizzes and assignments

4

Apply on the job

Checklists and real-world workflows

Start here

Curated tutorials in this category

Hand-picked programs to begin with — each includes chapters, practice, and assessments where available.

Featured

SOC Analyst Foundation: Logs, Alerts and Incident Response

Strong starting point for alert-driven response and SOC workflows.

Beginner – Intermediate10–12 hours

Includes: IR scenarios · Labs · Playbooks

Start tutorial
Browse full tutorial catalog

More topics

Explore other tutorial categories

Jump between fundamentals, offensive security, blue team, cloud, compliance, and more.

Cybersecurity Fundamentals

Build your security foundation from zero

View category

Ethical Hacking

Learn responsible offensive security workflows

View category

Web Application Security

Attack and defend modern web applications

View category

Network Security

Design, segment, and monitor secure networks

View category

Linux Security

Harden Linux systems for production and audits

View category

SOC & Blue Team

Operate in the SOC: logs, alerts, and response

View category

Cloud Security

Secure cloud workloads, IAM, and logging

View category

DevSecOps

Embed security in CI/CD and cloud-native delivery

View category

Compliance & GRC

Frameworks, controls, and audit-ready evidence

View category

Cryptography

Cryptography concepts for security professionals

View category

Security Tools

Use security tools effectively and responsibly

View category

Outcomes

What you'll gain

  • Follow a consistent IR lifecycle under pressure
  • Preserve evidence and document decisions
  • Handle malware, phishing, and account compromise scenarios
  • Coordinate with SOC monitoring and hardening tutorials

Topics

Skills & topic areas

TriageContainmentEvidencePost-incident review
Incident Response LifecycleInitial TriageEvidence CollectionMalware Incident HandlingPhishing ResponsePost-Incident Review

Go deeper

Continue your learning path

Pair tutorials with structured roadmaps, hands-on labs, and related courses.

Career roadmap

Follow a structured path that connects tutorials to job-ready milestones.

View roadmap

Practice labs

Apply what you learn in guided, hands-on lab scenarios.

Browse labs

Full courses

Graduate to multi-week programs with modules, labs, and assessments.

Explore courses

Ready to start learning?

Open the featured tutorial or browse the full catalog filtered for incident response.

Start featured tutorialBrowse all in catalog