All Courses

Kaspersky Academy

Security Operations and Threat Hunting

  • Length

    Access 6 months

  • Result

    PDF document of completion signed by the course leader(s)

  • For whom

    SOC analysts and specialists, Enterprises

Big companies with complex IT infrastructure need to protect it – or face the consequences of being compromised. Sophisticated attackers can bypass automatic defenses unnoticed. Here’s where Security Operations Center (SOC) comes to the rescue, bringing the expertise and skills of its professionals for upgraded business protection.

Developed by Kaspersky’s own SOC experts, this course offers a comprehensive training to SOC analysts and other staff dealing with security operations. The knowledge you will get is practical and tested: our experts update it daily, provide security to Kaspersky itself and deliver on-site training to clients all over the world.


During the time on the course, you will get to know the diverse roles within a SOC, its services and use cases, get acquainted with the modern attack tactics, techniques, and procedures, and learn how SOC helps deal with them. Within the numerous extensive practice sessions in the restricted areas of the virtual labs, you’ll get an opportunity to develop your skills in incident detection and investigation.


Requirements for participants

  • Good knowledge of operating systems and network protocols

  • Basic knowledge of operating systems, file systems and fundamental principles of networks.

For Whom

  • SOC Specialist

    • Students and professionals with a good knowledge of operating systems and network protocols and a basic knowledge of operating systems, file systems and the fundamental principles of networking. 
    • Experience of programming in any script-based language (Python, Bash, PowerShell, etc.) is highly desirable.

  • Enterprises

    For teams and enterprises focusing on threat hunting.

Our Experts

Sergey Soldatov

Sergey Soldatov

Head of Kaspersky Security Operations Center

Sergey started his career over 20 years ago as a software developer, writing in C and Perl. Currently, Sergey is the head of Kaspersky SOC, responsible for internal SOC activities at the company as well as external managed detection and response and Compromise assessment services. Sergey is a certified information systems security professional (CISSP, OSCP) and auditor (CISA).
Roman Nazarov

Roman Nazarov

Head of SOC Consulting Services

Roman has 13-years experience in Information Security mainly focused on SOC areas. Now at Kaspersky SOC Consulting, he focuses on a complex approach that includes all areas of SOC/MSS/CERT design and architecture, establishing operations and development planning.
Dmitriy Uchakin

Dmitriy Uchakin

Kaspersky SOC Analyst and Researcher

Dmitriy is a Kaspersky SOC analyst, working in operation and research areas. He contributes to Kaspersky SOC’s Threat Hunting activities, like the creation of TH hypothesis, hunting for malicious indicators and converting successful cases into new threat detection rules.

Education Programm

  • Understand the structure of Security Operations Center as a part of security defense services

  • Be able to plan and organize security monitoring in the enterprise

  • Use different threat intelligence sources to find new advanced threats

  • Detect and investigate malicious activity in Windows and Linux infrastructures based on attacker’s tactics, techniques and procedures

  • Learn threat hunting infrastructure based on ELK (Elasticsearch, Logstash, Kibana)

You can also get acquainted with a more detailed course program

Course results

  • Certificate

Training Request

I want to train myself I want to train employees