Certified SOC Analyst (CSA)

Section 01

01. At a Glance

About the course

EC-Council's Certified SOC Analyst is the entry-level credential for blue-team careers — the badge most BFSI SOCs look for on a fresher's CV. Macksofy delivers it instructor-led, with hands-on Splunk + ELK lab time and incident-response playbooks lifted straight from our own engagements.

Section 02

02. Who Is This Course For

• Aspiring SOC analysts (Tier-1, Tier-2)
• Network admins moving into security operations
• MSSP staff seeking certification

Prerequisites

• Basic networking and OS knowledge

Section 03

03. What You Will Be Able To Do

• Operate a SIEM (Splunk / ELK) for log analysis and alerting
• Triage and escalate security incidents using MITRE ATT&CK
• Build threat intelligence pipelines
• Pass the EC-Council CSA (312-39) exam

Section 04

04. Curriculum — 7 Modules

Module structure and topic coverage authored by Macksofy Technologies based on the publicly-published vendor syllabus, current as of the issue date of this brochure. Vendor reserves the right to revise content; Macksofy keeps cohort material aligned to the latest release.

1. Module 01

   Module 01 · Security Operations and Management

   4 topics
   • SOC structure (L1 / L2 / L3 / SOC Manager)
   • SOC capabilities & maturity models
   • SOC workflow, escalation matrix, SLA / OLA / KPI
   • Compliance — RBI CSF, SEBI CSCRF, ISO 27001
2. Module 02

   Module 02 · Cyber Threats, IoCs, and Attack Methodology

   4 topics
   • Threat actor profiles & motivations
   • Cyber Kill Chain & MITRE ATT&CK
   • IoCs — atomic, computed, behavioural
   • Web app, network and host-level attacks
3. Module 03

   Module 03 · Incidents, Events and Logging

   4 topics
   • Event vs alert vs incident
   • Log sources — Windows, Linux, network, application, cloud
   • Sysmon configuration (industry-standard ruleset)
   • Log management lifecycle
4. Module 04

   Module 04 · Incident Detection with SIEM

   4 topics
   • SIEM architecture & deployment
   • Splunk SPL — searches, alerts, dashboards
   • ELK pipeline — Logstash, Elasticsearch, Kibana
   • Use-case development (auth bruteforce, lateral movement)
5. Module 05

   Module 05 · Enhanced Incident Detection with Threat Intelligence

   4 topics
   • Integrating CTI feeds (MISP, commercial)
   • IOC enrichment & contextualization
   • Threat hunting hypotheses
   • Sigma rule writing — cross-SIEM detection
6. Module 06

   Module 06 · Incident Response

   4 topics
   • NIST IR lifecycle (Prepare → Detect → Contain → Eradicate → Recover → Lessons)
   • TheHive + Cortex case management
   • Phishing, ransomware, malware response playbooks
   • CERT-In incident reporting (6-hour rule)
7. Module 07

   Capstone · 24-hour mock SOC shift (Macksofy)

   3 topics
   • Real attack scenarios injected into Wazuh + ELK + Splunk lab
   • End-to-end IR documentation
   • Stakeholder briefing exercise

Section 05

05. Tools You Will Operate

Section 06

06. Career Outcomes

Section 07

07. Placement Support

Macksofy's placement desk works directly with 80+ hiring partners across India and the UAE. Resume coaching, mock interviews and direct intros included.

• 1:1 resume + LinkedIn rewrite with our hiring desk
• Mock interviews with active practitioners
• Direct intros to BFSI, fintech and Big-4 partners
• UAE placement support (Dubai, Abu Dhabi)

Section 08

08. Why Macksofy

• Vendor-true delivery — Macksofy is an EC-Council Accredited Training Center (ATC) delivering practitioner-led bootcamps with exam-prep support.
• Practitioner-led delivery — every Macksofy instructor is a working OSCP / OSWE / OSEP / CISA-certified consultant on real client engagements during the week.
• Mentor support until you pass — extended access to mentor office hours and exam-day prep at no additional cost.
• Placement desk — Macksofy works with 80+ hiring partners across India and the UAE; your post-course resume, portfolio review and mock interviews are included.
• Indian classroom + online cohorts — onsite delivery in Mumbai BKC and Hyderabad HITEC City; live virtual cohorts pan-India with recordings.

Section 09

09. How to Enrol

1. Submit the enquiry form at macksofy.com/contact or call +91 99308 24239.
2. A Macksofy advisor will respond within 4 business hours with the next batch dates, payment terms and invoice.
3. Confirm enrolment via NEFT / RTGS / corporate card. EMI options available for select courses.
4. Receive welcome kit, lab credentials and the cohort calendar within 24 hours of confirmation.