In this post I’d like to talk a bit about TryHackMe and my experience working through the SOC Level 1 learning path.

TryHackMe is a learning platform that sends users to virtual machines (VM) they can access through their web browser. Extremely low barrier to entry! Absolutely no previous knowledge is required. I’m not sponsored and TryHackMe did not ask me to write this.

I’m a big fan of theirs. I think the learning paths and rooms (think learning modules) are fantastic hands-on learnings! I learned

• Cyber Defense Frameworks
• Cyber Threat Intelligence
• Network Security and Traffic Analysis
• Endpoint Security Monitoring
• Security Information and Event Management (SIEM)
• Digital Forensics and Incident Response
• Phishing

Each room walks the learner through hands-on learning.  I learned all these tools:

• yara
• opencti
• misp
• mitre
• cyberkillchain
• snort
• zeek
• brim
• wireshark
• sysmon
• sysinternals
• osquery
• wazuh
• splunk
• autopsy
• redline
• linux (a lot!)
• thehive
• phishing

And even more! It’s a great platform. As of this writing it is $14 a month. If you’re not going to use it, don’t sign up, but if you really want to learn these tools and more it’s a great place to get started. You can spend as much time as you want learning these tools in real environments. You can’t break anything because it’s all VMs that start fresh each time the are launched. Getting the chance to work on these environments without setting up all these VMs is a huge time savings.

If you want to play around in there for free you can do that too. There is plenty of free content to get started with and see if you want to pay for the premium rooms and features. It’s worth checking out.