• Level Effect
  • Posts
  • LE No. 12: Home Labs with Neil Desai! CDA Live & DFIR, 100-3 Virtual SOC, Upcoming Content, DE&TH out of Early Access!

LE No. 12: Home Labs with Neil Desai! CDA Live & DFIR, 100-3 Virtual SOC, Upcoming Content, DE&TH out of Early Access!

Weekly Update Feb 4th 2025

Author

Level Effect
February 04, 2025

Welcome to our weekly Level Effect newsletter, designed to keep you informed and updated on our latest activities! Thank you for tuning in. đź“ş

Hello Defender!

We are continuing to cook. Lots of updates on this one!

Let’s dive in!

Table of Contents

1. Brand

SOC100-3 Virtual SOC - Feb 15th

We’re almost there!

This has traditionally only been available at an advanced tier level in the CDA course however you will now be able to finally get your Virtual SOC experience at a Tier 1 Analyst level NEXT WEEK. Feb 15th will be a kickoff stream introducing you to the DFIR process and triaging our first incident live on stream together!

The course itself will then have more incidents for you to work through for you to gain experience as close to being on the job as possible. Like the rest of the SOC100 courses it will be PWYC min. $19 suggested $29 and come with 3 exam attempts for the SOC100-3 certification that will be DFIR scenario focused!

Get ready.

CDA Winter 2025

The Winter cohort is fast approaching! We’ve made some updates to this one with a bit more emphasis now on Log Analytics after moving Email out from it and into SOC100 series. This means that we’ll spend an additional entire week on Log & Event Analytics taking our time through the IR and threat hunting process of it all. This lines up with student feedback that this particular topic is one they wanted more of - so we are delivering just that!

NOTE - class starts March 10th and there are still some spots open that typically start to close up fast towards the start date.

If you want to secure your seat for the 14 week immersive Instructor-led version of CDA, make sure to submit your application as soon as you can on the CDA Live page here: https://www.leveleffect.com/cyber-defense-analyst

CDA DFIR Tease

Dropped this in Discord through the week but here it is - this is the outline we’re looking at for the DFIR content to come as a bonus section to the CDA course!

The CDA course itself right now is actually quite triage, IR, and threat hunting heavy as it would pertain to compromised host analysis. It focuses a lot on persistence, process, and networking so that you should feel confident with the majority of SOC T1 to T2 level tickets. However we felt it would be important to also get into T2+ level content at the end to start you into the DF realm.

This is coming very soon! After this module is out CDA will no longer be on its special launch pricing which we’ll communicate more on.

DE&TH Out Of Early Access!

It’s official! The course is out of early access and loaded with content. ‼️

The last major drip of content dropped last week. That doesn’t mean we’re going to stop adding to it though! We still want to add more and throw in some living updates to the course.

However… that means the early access price is going away February 14th! We’ll send another reminder on this next week, too.

It will go from $225 to $399!

SOC100-2 Cert Next Week

SOC100-2 is wrapping up next week so get ready for the Exam to unlock ! We’ll have full announcements on it on number of questions and such and what to expect…

2. Content

Home Labs: The Good, The Bad, The Ugly!

Having a home lab is essential for cybersecurity and learning technology.

In this 2 hour session we’ll go over different types of home labs, and the pros/cons of each one. Learn how to build the best home lab for YOU and what YOU want to learn. We’ll be looking at cost, functionality, and maintenance levels of each option. Don’t spend huge amounts of money to build a lab to compete with strangers on r/homelab just to have it collect dust or purchase you’ll regret.

  • Understand how to avoid the pitfalls of a home lab.

  • Learn how to scope your home lab for what you are going to learn.

  • Learn how to build a lab on your budget.

Neil Desai has spent 25 years in cybersecurity. He has worked on the defensive/engineering side his entire career. Having grown up with the cybersecurity space gives him a unique perspective.

SOC / IR Tabletop Recording

This was an awesome stream with Fletus that you want to review. Honestly this could have been a mini course and there is easily several hours to unpack here and learn from.

If you wanted to get a sense of why tabletops are important, how to execute them, how to run them and adjust them in real time and then actually DO ONE live on the stream - this is it.

Cyber Threat Intelligence - Feb 8th SOC100 Class 27

This Saturday we open up Cyber Threat Intelligence! This is a huge domain. Intelligence makes cyber risk related decisions relative to your attack surface so you know where you should be spending your time and resources to best secure your perimeter. This area can get super technical, too. You may find yourself digging into IOCs and reverse engineering malware to inform detection teams on what to build rules for!

Report Writing - Feb 9th SOC100 Class 28

On Sunday we dig into a whole class dedicated to one of the most important but overlooked areas in training - REPORT WRITING! With our SOC100 Instructor Luke Rogerson!

As a Cybersecurity professional regardless of role you will be writing tons of documentation over time. Some roles more than others. As an Analyst you will be:

  • Closing tickets with documentation

  • Compiling DFIR reports including timelines and supporting evidence that may also include executive level summaries to communicate upwards

  • Communicating findings for IOCs and IOAs and more!

Here’s Luke below! He’s got a ton of experience with over 10 years in the field with many of it being in technical vulnerability and pentesting level reporting (arguably one of the very heavy report writing roles out there besides GRC!) so get ready!

SOC100 Class 27 Recording

We do a deep dive into Log Analytics with ELK - this is both triage as it is threat hunting in one and showing the importance of working around the Analyst triad of “Persistence, Process, Networking” to build your timeline and investigation.

3. Community

Weekly Monday Shoutouts

As Level Effect continues to grow, we are seeing the frequency increase of student achievements and milestones. So to not spam you daily as it continues to increase we’ll compile a shoutout in the #general channel recognizing your efforts! Keep up the good work everyone. đź’Ş 

We also had some good reviews going on in #general of CDA vs CCD and where to start. Interesting takes from students in the Discord and recommend a read from here:

Also a fun shoutout here from julioz24 finding the report writing in CDA particularly helpful in their day to day work ! awesome to hear!

4. Tools

Big tool discussion or focus this week is DeepSeek: https://www.deepseek.com/

Did you check it out? there’s a whole level of buzz around this right now for a bunch of reasons.

There are security concerns, ease of access concerns and reliability of data, copying others, and so on as with any new tool where a lot is unknown and from a foreign country. However one thing is important to understand… this is a big leap of performance for what is otherwise a free tool that is significantly more performant for the processing power in than other available options both paid and free.

Another point to consider is this - a lot of people seemed upset that deepseek directly ripped off or copied other models. The question remains, were the models it copied from if so not just trained off other data as well, and is that not copying originality too?

At the end of the day though - it’s actually pretty good for what it offers. People like good. People like cheap. People like free.

2025 will shape up to be contentious year more than ever on AI. Keep yourself aware on this scene.

5. Takeaway This Week

âťť

“A falling knife has no handle.”

See you next week!

Reply

or to participate.