SOC & Blue Team tutorials
Operate in the SOC: logs, alerts, and response
Build blue-team skills with SIEM fundamentals, alert triage, log analysis, and incident response workflows using tools like Wazuh, Splunk, and ELK.
Featured in this category
Curated learning path
SOC Analyst Foundation: Logs, Alerts and Incident Response
Core SOC workflows with labs, alert scenarios, and IR playbooks.
Tutorials in this category
Hand-picked courses to start with, plus additional tutorials from the PentesterWorld catalog.
SOC Analyst Foundation: Logs, Alerts and Incident Response
Core SOC workflows with labs, alert scenarios, and IR playbooks.
Includes: SOC labs · Checklists · IR scenarios
Security Monitoring with Wazuh, Splunk and ELK
Practical monitoring, detection rules, and investigation across major SIEM stacks.
Includes: Detection rules · SIEM labs · Dashboards
What you'll gain
- Triage alerts and investigate suspicious activity
- Use SIEM dashboards and detection logic
- Document incidents with clear timelines and evidence
- Progress from SOC basics to threat hunting tutorials
Skills & topics covered
Topic areas
- SOC Analyst Basics
- SIEM Fundamentals
- Log Analysis
- Wazuh Monitoring
- Splunk Alert Investigation
- Threat Hunting Basics
Ready to go deeper?
Continue with the full tutorial catalog or follow a structured roadmap for this career direction.