Introduction

This repository of information is designed to allow for the creation of a street-to-seat Cyber threat analyst complete with basic networking, server setup, domain setup, tool deployment, threat hunting, and incident reporting. It is by no means all-encompassing of every piece of information in each respective category or to be used as a substitute for learning. Instead, it should allow for new Cyber analysts to have a framework of how DCO is conducted and a springboard for learning each item more in-depth.

It is our hope that with a properly outlined standard operating procedure (SOP), Analysts will feel more confident in their daily tasks or when operating on a customer's network.

The following link is to a GitHub hosting many resources discussed in the documentation here, including Splunk deployment scripts, tool deployment scripts, and VMs:

If you have any questions or recommendations for further addition, feel free to reach out to any of the developers that made this repository as listed below: