• Live Sessions - taught in real time, recorded for replay
• Duration: 10 Weeks
• Starts: April 2026
• Weekend Days
• Time: 5 AM EST (10 AM UK / 1 PM Dubai / 2 PM Riyadh / 4:30 PM India)
• Certificate of Completion + portfolio-ready capstone
• 4.8 / 5 on Trustpilot - trusted by thousands of cybersecurity professionals
• Early Bird: $399 - save $100 with code SOC2026 (limited time). Standard price returns to $499. Platinum Members enroll FREE.
Why SIEM & SOAR?
Cyber threats are growing in volume, speed, and complexity - and organizations need real-time visibility and automated response to stay secure.
SIEM and SOAR form the foundation of modern Security Operations Centers (SOC), enabling security teams to collect, correlate, detect, and respond to security incidents efficiently and at scale. Professionals with hands-on SIEM and SOAR implementation skills are in high demand across enterprises and government organizations.
Whether you work in SOC operations, blue team, incident response, or cybersecurity engineering, this workshop is your gateway to practical security operations expertise and real-world defensive capabilities.
Who This Workshop Is For?
This is the right cohort for you if you work in (or want to break into):
• SOC operations - analyst, engineer, manager
• Blue Team & Threat Detection
• Incident Response & Digital Forensics
• Cybersecurity Engineering
• Cloud Security & DevSecOps roles touching detection
• GRC professionals who need real technical depth in detection & response
• Career switchers moving from networking, sysadmin, or IT support into security
This is NOT vendor product training. You'll learn principles, architectures, and workflows that translate to ANY SIEM or SOAR platform - Splunk, QRadar, Microsoft Sentinel, Elastic, Wazuh, Cortex XSOAR, Splunk SOAR, Tines, and more.
Prerequisites: Foundational understanding of networking (TCP/IP, DNS, HTTP), operating systems (Windows + Linux basics), and core security concepts (CIA triad, common attack types). No prior SIEM experience required - we start from architecture and build up.
What You'll Master in 10 Live Sessions
By the end of this workshop, you'll be able to:
✅ Architect a SIEM & SOAR stack end-to-end - data sources, parsers, correlation engines, playbooks, dashboards, and reporting layers.
✅ Deploy and configure a SIEM platform - log collection, parsing, normalization, correlation rules, tuning, and alerting strategies that don't drown your analysts in noise.
✅ Build SOAR playbooks that automate triage, enrichment, containment, and response - turning hours of manual work into seconds of orchestrated action.
✅ Detect, analyze, and respond to real-world threats - phishing, ransomware staging, lateral movement, data exfiltration, insider threats, and cloud attacks.
✅ Integrate SIEM & SOAR with EDR, firewalls, IAM, threat intelligence feeds, ticketing systems, and the rest of your SOC stack.
✅ Operate and mature a SOC - KPIs and metrics that matter, MTTD/MTTR reduction, detection engineering workflows, and continuous tuning.
✅ Walk away with a portfolio of working detections, playbooks, dashboards, and an end-of-cohort capstone project you can show in interviews.
Real Hands-On - Not Just Theory
• 30+ Hands-On Labs in a real cloud-based SIEM/SOAR environment - provisioned for you, no setup hell.
• Vendor-Agnostic Skills - work with industry-standard platforms so the muscle memory transfers anywhere you go.
• Live Attack Simulations - your instructor launches simulated attacks; you detect, investigate, and respond in real time.
• Portfolio Artifacts - every detection rule, playbook, and dashboard you build is yours to keep and showcase.
• Capstone Project - design a complete detection-and-response architecture for a fictional company, defend it in a live review, and walk away with something employers actually want to see.
Your 10-Week SIEM & SOAR Curriculum
A practical, build-as-you-go journey from raw logs to a fully orchestrated SOC.
Week 1 - SOC, SIEM & SOAR Foundations
How modern SOCs are structured. The role of SIEM, SOAR, EDR, and threat intel in the detection & response stack. Tier 1 / Tier 2 / Tier 3 analyst workflows. Where you fit and how to grow.
Week 2 - Log Sources & Data Engineering
Windows Event Logs, Sysmon, Linux auditd, firewalls, proxies, EDR, cloud (AWS, Azure, M365). Parsing, normalization, log quality and what "good" telemetry looks like.
Week 3 - SIEM Deployment & Architecture
Hands-on: deploy and configure a SIEM (Splunk / QRadar / Microsoft Sentinel / Elastic / Wazuh - vendor-agnostic concepts, lab on industry tools). Indexes, data models, role-based access, dashboards.
Week 4 - Correlation Rules & Detection Engineering
Writing real detection rules mapped to MITRE ATT&CK. Brute-force, lateral movement, privilege escalation, ransomware behavior, data exfiltration. Tuning to kill false positives.
Week 5 - Threat Intelligence Integration
Feeding IOCs into the SIEM. Enrichment, threat scoring, MISP, OSINT sources. Building dashboards that actually drive decisions.
Week 6 - SOAR Fundamentals
What SOAR really is (and isn't). Playbooks, connectors, case management. Tour of leading platforms (Cortex XSOAR, Splunk SOAR, Tines and similar) and the patterns that work everywhere.
Week 7 - Building Real SOAR Playbooks
Hands-on: build playbooks for phishing triage, malware containment, suspicious login response, and user account compromise - including approval gates, enrichment, and ticketing integration.
Week 8 - Incident Response in Action
End-to-end IR: detect → triage → contain → eradicate → recover → lessons learned. Live IR simulation: a real attack chain investigated in your SIEM and resolved with your SOAR playbooks.
Week 9 - SOC Operations & Maturity
SOC metrics that matter (MTTD, MTTR, dwell time, false-positive rate). Shift handovers, runbooks, escalation, KPIs leadership cares about. How junior analysts get promoted.
Week 10 - Capstone Project + Career Lab
Capstone: own a simulated breach end-to-end in your own SIEM + SOAR environment. Plus: SOC analyst CV review, interview prep, common SOC interview questions, and how to position the workshop on LinkedIn.
Why InfoSec4TC - and Why You Should Trust This Workshop?
This isn't a recorded course or a generic "intro to SIEM" video.
You're learning live from instructors who have built and run real Security Operations Centers - including SOCs for banks, telcos, government agencies, and enterprises across the Middle East, Europe, and North America.
What you get with InfoSec4TC
✅ Live, instructor-led sessions (not pre-recorded)
✅ Hands-on labs and SOC simulations every week
✅ Vendor-agnostic skills that transfer across Splunk, QRadar, Sentinel, Elastic, Wazuh, Cortex XSOAR, Splunk SOAR, Tines and more
✅ Real attack scenarios investigated end-to-end
✅ Capstone project you can show in interviews and on LinkedIn
✅ SOC analyst CV review + interview prep included
✅ Lifetime access to recordings and lab materials
The numbers behind InfoSec4TC
• 4.8/5 rating on Trustpilot from real students
• 12,000+ professionals trained worldwide
• 180+ countries reached
• Trusted by Fortune 500 security teams and government agencies
Trusted by 12,000+ Security Professionals - and Backed by a 7-Day Money-Back Guarantee
At InfoSec4TC, trust isn't a tagline - it's earned. Our 4.8/5 Trustpilot rating comes from thousands of working security professionals who took our trainings and got real results in their SOC careers.
And we put our money where our mouth is:
7-Day Money-Back Guarantee. Join Week 1 - if it's not the most practical SIEM & SOAR training you've ever taken, email us within 7 days for a full refund. No questions asked.
You shouldn't have to gamble to upgrade your career. We don't ask you to.
Need Help or Have Questions?
We're here to support you on your cybersecurity journey.
For any inquiries, feel free to reach out to us:
• Email: infosec4tc@infosec4tc.com
• WhatsApp: +971 52 511 5498
Your success is our mission - don't hesitate to get in touch!