#triage
6 articles

Windows Event IDs Cheat Sheet: The 31 That Matter
Windows event IDs cheat sheet for SOC analysts: 31 essential security event IDs covering auth, process execution, log tampering, and lateral movement.

Common Ports Cheat Sheet: 42 Ports SOC Analysts Memorize
Common ports cheat sheet for SOC analysts — master the 42 TCP/UDP ports that appear in firewall logs, SIEM alerts, and security interviews every single day.

How to Analyze a Phishing Email: SOC Walkthrough
A step-by-step SOC workflow to analyze a phishing email: safe handling, header forensics, URL and attachment triage, and a documented verdict.

Alert Triage: Real Threats vs False Positives
Alert triage is the core SOC skill — learn the framework analysts use to assess severity, confirm IOCs, and separate real threats from false positives.

SOC Analyst Interview Questions: 30 With Answers
SOC analyst interview questions decoded: what interviewers test, sample answers, and log examples to study before your first security ops interview.

What Does a SOC Analyst Do? The Role, Explained by Tier
What does a SOC analyst do? A tier-by-tier breakdown of the role, a realistic daily shift, tools, skills, and common myths — for career switchers.