SEC555: Detection Engineering and SIEM Analytics
- Build and configure your own detection lab environment
- Write detection rules to identify adversary behaviors
- Optimize SIEM architecture for better performance and visibility
- Perform adversary emulation and analyze related log activity
- Evaluate security controls using real log data
- Manage and filter high-volume data from diverse sources
- Gain expertise in SIEM tools (on-prem and cloud), MITRE ATT&CK mapping, SOAR integration, and detection tracking
Overview
Off the shelf (OTS)
SEC555: Detection Engineering and SIEM Analytics is a hands-on detection engineering training course that teaches students how to design proactive detection strategies and effectively manage SIEM platforms. Through real-world labs and in-depth analysis, participants learn to interpret logs, craft high-quality detection rules, and uncover hidden threats in both cloud and on-premises environments. Whether you're new to detection engineering or looking to sharpen your skills, this course prepares you to extract meaningful insights from complex data and build a more responsive, intelligence-driven Security Operations Center (SOC). It also serves as a valuable preparation path for the GCDA certification (GIAC Certified Detection Analyst), which validates advanced capabilities in detection engineering and data-driven defence.
Delivery method
Face to face
Virtual
Course duration
35 hours
Competency level
Expert