Introduction
Introduction to this repository of information for DCO
This repository of information is designed to take a new Cyber threat analyst from street to seat, covering basic networking, server setup, domain setup, tool deployment, threat hunting, and incident reporting. It is by no means all-encompassing of every piece of information in each respective category, nor is it a substitute for learning. Instead, it should give new Cyber analysts a framework for how DCO is conducted and a springboard for learning each item in more depth.
It is our hope that with a properly outlined standard operating procedure (SOP), analysts will feel more confident in their daily tasks and when operating on a customer's network.
The following link is to a GitHub repository hosting many resources discussed in the documentation here, including Splunk deployment scripts, tool deployment scripts, and VMs:
If you have any questions or recommendations for further additions, feel free to reach out to any of the developers who made this repository, as listed below: