SOC Foundations Bootcamp
A 10-week instructor-led bootcamp that prepares early-career analysts to read live alerts and triage them at real SOC tempo.
About this program
The SOC Foundations Bootcamp is built around a 24/5 simulated security operations centre with replayable incident streams. Participants spend 70% of contact hours inside the lab, working through queue management, alert triage, and structured handover writing under instructor pressure. The remaining time is spent on mentor reviews, weekly retro sessions, and an end-of-program incident jam where teams investigate a multi-vector intrusion across two business days.
What is included
- Live SIEM lab with replayed traffic from finished investigations
- Tier-1 to Tier-2 escalation drills with structured ticket templates
- Weekly incident review with a working analyst as mentor
- Endpoint, network, and identity log triage tracks
- Capstone: simulated 18-hour intrusion across two business days
By the end of the program
- Run a Tier-1 queue without drowning in alert noise
- Write a handover ticket a Tier-2 analyst can actually use
- Recognise the most common phishing-to-foothold patterns
Frequently asked questions
You can, but the first three weeks will be heavy. We expect roughly 12 hours of study outside class for absolute beginners. If you have never touched a Linux terminal, we recommend our Pre-bootcamp primer first.
From past cohorts
The week-3 alert-triage rubric is what stuck. I still print it and keep it on my second monitor. The content can move fast, but the mentor reviews caught the gaps.
Came in from a backend dev role. The escalation drills with the structured ticket templates were the cleanest part — I was writing handovers I was not embarrassed by within four weeks.
Ready to talk through fit?
We do a 30-minute scenario walkthrough with admissions before any paid intermediate or advanced track. We will tell you honestly if a different program — or no program — would serve you better right now.