Resources
Professional templates and cheat sheets for SOC analysts. Download and customize for your own use.
Templates
Ready-to-use documentation templates for incident response and analysis workflows.
Incident Report Template
Standard incident report format following industry best practices. Includes alert summary, investigation steps, findings, resolution, and ticket notes.
Ticket Notes Template
Ticketing system documentation format. Includes a concise format for ticketing systems and a detailed format for documentation.
Phishing Analysis Template
Comprehensive phishing email analysis template. Includes email header analysis, URL/IP reputation checks, IOC extraction, and verdict documentation.
SOC Notes & Cheat Sheets
Quick reference guides for common SOC tasks, queries, and indicators.
Common Ports Cheat Sheet
Quick reference for common network ports and their typical uses in SOC analysis. Includes well-known ports, registered ports, and common malicious ports.
Windows Event IDs Reference
Comprehensive reference for Windows Event IDs used in SOC log analysis. Includes authentication events, process events, network events, and common queries.
SIEM Query Notes
Common SIEM queries and search patterns for SOC analysis. Examples use Splunk SPL syntax, but the concepts apply to other SIEMs.
Phishing Indicators Guide
Quick reference guide for identifying phishing emails and campaigns. Includes email header indicators, content analysis, URL analysis, and IOC types.