3 Mounts



academic hours


Course Opening Date

Mon + Thu 17:30-21:30

Days & Hours

  • About the course
  • Credentials
  • Study Divisions
  • Lecturers
  • More Courses


Program Purpose

Training of professionals to implement monitoring and control (SIEM/SOC) or serve as initial response teams for information security events. This Analyst Course provides the theoretical knowledge of infrastructure required for monitoring positions and practical experience with the various tools used in control rooms (Security Operation Center). The course will provide you with deep understanding of best practice technologies, techniques and work instructions in these fields. The curriculum includes a combination of lectures, guided experiences, and self-practice in advanced laboratories.

Read more


Target Audience

People who have knowledge of ICT infrastructure: computer communication and basic familiarity with of operating systems.


Suitable for graduates of the cyber basics and network managers course.


Read more


Admission conditions

Read English, knowledge of operating systems (Microsoft and Linux environment), knowledge of computer communication.

Practical experience in technical support, networks and systam - an advantage.

Suitable for graduates of the cyber entrance course and network management.

Read more



9,900NIS including VAT and registration fees.

Read more



See Security is known as a college with the highest level of study, conducted in a social and cooperative learning atmosphere. The professionals, IT managers in Israel and employers of all kinds, are well acquainted with the college and its demands from the students and prefer to take in the ranks of graduates who have been filtered, trained, and tested through their studies in the college.

Read more


Format and scope of studies

Program duration: 100 hours of study, in a format of 20 evening sessions between 17:30 and 21:30.

The studies take place on the See Security campus in Ramat Gan and in an online broadcast, intermittently.

In addition: 200 hours of lab tasks and personal study in Sentinel, QRadar, splunk and more.


Read more


Curriculum Tasks

Analyst Course - 80% attendance required

Each module requires the completion of an internal test and/or work score of at least 70

Technical topics: Practice in the classroom (Hands-on) and independently


Read more


More about the program

The program "SOC Analyst and Incident Response Supporters" is designed to train cyber event analysis experts at SOC Command and Control Center. The course deals with critical core issues in operating cyber monitoring centers and initial response teams for cyber events.

To become analysts, you study the secrets of core activity in this field, thoroughly.

In addition, you learn the theoretical aspects that are behind their responsibilities and the active actions that they are required to carry out when a cyber incident is suspected.

The Monitoring Man must understand his corporate information security architecture in the routine. When a cyber event occurs, it is its responsibility to identify routine or malicious activity in the organizational communication array using the monitoring and control tools, to analyze in general and initial lines the nature of the activity and its possible consequences, to contain the event while initiating it and to provide a basic infrastructure for recovery after the harm is removed.

Graduates of the course will be able to work as a cyber/SOC analysts.

Read more




Study Divisions

  • Getting to know the basic concepts of information and cyber security
  • Initial introduction to information security solutions
  • Getting to know cyber defense modules
  • Layered protection
  • Types of attacks
  • Become femiliar with the the attacker's work
  • SOC environment
  • Different SOC types
  • SOC technologies
  • Work circuits in SOC
  • Customer connection processes
  • Initial introduction to SIEM systems
  • Basics of SIEM systems
  • Getting to know the leading SIEM systems
  • SIEM technologies
  • Collecting information for the SIEM system
  • Primary data analysis
  • Getting to know monitoring software
  • Detection of attack events in the DNS and HTTP environment
  • Detection of network attacks using the TCP-IP protocol
  • Analysis of network communication events
  • Endpoint event analysis
  • Email event analysis
  • Firewall event analysis including IDS
  • Analysis of information leakage events
  • Analysis of network access events
  • Analyzing harmful events
  • Network component hardening
  • Identifying attack trends
  • Attack vectors
  • Use of cyber intelligence to identify and analyze events
  • Introduction to cyber incident investigation
  • Action methods in events investigation
  • Monitoring and detection tools in Microsoft operating systems environments
  • Dealing with security events in Windows and Azure environment
  • Getting to know SIEM systems from leading manufacturers
  • Defining queries and investigating logs
  • Analysis and identification of cyber incidents in SIEM systems
  • Defining queries and investigating logs
  • Analysis and identification of cyber incidents in SIEM systems