BohanSec

Why should you use Rangeforce to level up your SOC skills?


Disclaimer

I do not work for Rangeforce and am not affiliated with Rangeforce; this post purely reflects my experience with the platform itself.

A couple of days ago, I finished the “SOC 2 Battle Path” on the Rangeforce platform. This is one of the platforms that really broadened my knowledge of SOC, exposed me to a few new tools, and made me more confident in preparing for my job. If you don’t know what Rangeforce is, it’s a platform specifically designed to level up your SOC skills. There are several different battle paths, but “SOC 1 Battle Path”, “SOC 2 Battle Path”, and “Threat Hunting Battle Path” will prepare you or advance your blue team skills.

What does the “SOC 2 Battle Path” cover?

  • PCAP Analysis
  • AD Rights Management and GPO
  • IDS / IPS rule writing and management
  • PowerShell Basics, PowerShell Logging, Bash Scripting
  • System Journal
  • LOKI Scanner
  • FortiOS Firewall
  • Vulnerability Management
  • OpenSCAP
  • Splunk
  • and more...

Each section requires you to perform certain tasks in order to count as finished. My favorite thing about Rangeforce is that the reading material for each section is quite short; however, there is always a hands-on perspective on every single thing you learned. For example, when learning PowerShell Logging, the lab requires you to actually enable PowerShell Logging on the system and send the log to your SIEM. In the Splunk Module, you perform an IR on the system to locate where the malware is, and perform proper eradication for that specific malware. When dealing with IDS / IPS, you perform a live response to the ongoing attack on the system by reading the logs and adding rules to the IPS to stop the attack. When doing OpenSCAP, you perform a compliance check on a remote system to ensure the configuration complies. Part of the labs will have hints to assist you in moving forward if you get stuck. This is particularly nice if the stuff you are learning is completely new to you.

There are other perspectives RangeForce can offer you if you want to explore more. For instance, while I did my “SOC 2 Battle Path”, I also spent a little extra time exploring the SOAR, QRadar, and the FortiOS firewall exclusively. So, if you want to learn a security product instead of going through the whole Battle Path, there is always something for you. As they are adding more vendors to the platform, I believe there will be more and more quality content available on the platform.

The toughest part of the SOC 2 Battle Path is perhaps the “Botnet Challenge” path; it won’t necessarily teach you how to “actually” take down a botnet, but it really tests your scripting skill. I found this challenge quite fun, and felt a sense of satisfaction after completing it.

Overall, I highly recommend trying one of the battle paths if you want to get some hands-on experience with tools used in a SOC, and level up your skills to the next level. Plus, you will get a nice badge from RangeForce after you complete the path :) That’s it for today, happy defending!
