Security Tools
Security Tools Overview
Master three essential security tools - SIEM, XDR, and Firewall.
SOC Simulator provides three realistic security tool interfaces modeled on production systems. Each tool has its own dashboard with unique capabilities.
Available Tools
SIEM
Log aggregation, correlation rules, and threat hunting queries.
XDR
Endpoint visibility, process trees, and response actions.
Firewall
Traffic analysis, rule management, and threat blocking.
Tool Colors
Each tool has a distinct color to help you quickly identify alert sources:
| Tool | Color | Use Case |
|---|---|---|
| SIEM | Cyan | Log analysis, correlation, threat hunting |
| XDR | Purple | Endpoint detection, process analysis, response |
| Firewall | Green | Network traffic, blocking, rule management |
Common Workflows
Cross-Tool Investigation
Real incidents often span multiple tools. A typical workflow:
- SIEM detects suspicious log patterns (e.g., brute force attempts)
- XDR reveals endpoint activity (e.g., malicious process execution)
- Firewall shows network connections (e.g., C2 communication)
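The three-stage chain above, as an added example that is not SOC Simulator code: a small correlation routine that links constructed SIEM, XDR and Firewall events for one host in the order the workflow describes. The event field names, the 10-minute window and the five-failure brute-force threshold are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Stage order from the workflow: SIEM brute force -> XDR process -> Firewall C2 connection.
STAGES = [("siem", "auth_failure"), ("xdr", "process_start"), ("firewall", "outbound_conn")]


def ev(tool, host, ts, kind, **extra):
    """Build one normalized event (assumed schema, not the product's)."""
    return {"tool": tool, "host": host, "ts": ts, "kind": kind, **extra}


EVENTS = [  # constructed sample data
    *[ev("siem", "ws-01", f"2024-01-15T09:00:{s:02d}", "auth_failure", user="admin") for s in (0, 10, 20, 30, 40)],
    ev("xdr", "ws-01", "2024-01-15T09:02:00", "process_start", proc="powershell.exe"),
    ev("firewall", "ws-01", "2024-01-15T09:03:00", "outbound_conn", dest="203.0.113.10"),
    ev("siem", "ws-02", "2024-01-15T09:05:00", "auth_failure", user="bob"),   # only two failures:
    ev("siem", "ws-02", "2024-01-15T09:05:30", "auth_failure", user="bob"),   # no brute-force stage
    ev("firewall", "ws-02", "2024-01-15T09:06:00", "outbound_conn", dest="198.51.100.7"),
]


def correlate(events, window_minutes=10, fail_threshold=5):
    """Return one incident per host where all three stages occur in order,
    each stage within `window_minutes` of the previous one."""
    window = timedelta(minutes=window_minutes)
    parse = datetime.fromisoformat
    by_host = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort lexically
        by_host[e["host"]].append(e)
    incidents = []
    for host, evs in by_host.items():
        # Stage 1: a burst of fail_threshold failed logins inside one window.
        fails = [e for e in evs if (e["tool"], e["kind"]) == STAGES[0]]
        k = fail_threshold
        burst = next((i for i in range(len(fails) - k + 1)
                      if parse(fails[i + k - 1]["ts"]) - parse(fails[i]["ts"]) <= window), None)
        if burst is None:
            continue
        t, chain = parse(fails[burst + k - 1]["ts"]), [fails[burst]]
        # Stages 2 and 3 must each follow the previous stage within the window.
        for stage in STAGES[1:]:
            nxt = next((e for e in evs if (e["tool"], e["kind"]) == stage
                        and t <= parse(e["ts"]) <= t + window), None)
            if nxt is None:
                break
            chain.append(nxt)
            t = parse(nxt["ts"])
        else:
            incidents.append({"host": host, "tools": [e["tool"] for e in chain],
                              "start": chain[0]["ts"], "end": chain[-1]["ts"],
                              "dest": chain[-1].get("dest")})
    return incidents
```

Running `correlate(EVENTS)` flags only ws-01, where every stage is present; ws-02 never reaches the brute-force threshold, so its outbound connection alone is not escalated.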
Alert Triage
When an alert appears in any tool:
- Review alert details and severity
- Check related logs or events
- Look for correlated alerts across tools
- Make a triage decision (Escalate, Investigate, Resolve, False Positive)
Skill Tracking
Your progress with each tool is tracked separately:
- Alerts Handled - Total alerts you've triaged
- Accuracy Rate - Correct triage decisions as a share of all decisions made
- Response Time - Average time to triage
- Techniques Covered - MITRE ATT&CK techniques encountered
View your tool mastery on the Dashboard or Profile page.