One of the most challenging things to learn as a new analyst is a methodology for investigating events. There is just so much information out there on network, host, malware, forensics, etc. This info will make your head spin.
Truthfully, learning analysis takes years, and you will never learn it all. That’s a good thing in my book because this career would get stale if we could learn everything overnight. For sanity’s sake, run your own race and learn at your own pace. This blog will walk through the steps you should be taking when you are triaging alerts as a new cyber security analyst.
Ok, enough pep talk. Let’s get to it.