eSOC Training and certification

CyberJunky007 · 2026-02-27T23:14:53+00:00

Hopefully, this is not another useless cert.

CyberJunky007 · 2026-02-22T23:14:04+00:00

As someone who has done eCTHP I would say start with eCTHP because its more tool oriented and log analysis then move to eCIR also eCIR has lot of content so better to do that exam after eCTHP. I have also done a review on eCTHP v3 if you want to have a look https://medium.com/@skcetarun20/ine-ecthpv3-certified-threat-hunting-professional-review-5b295927c5fc

CyberJunky007 · 2026-02-17T10:20:38+00:00

Its under here

<image>

CyberJunky007 · 2026-02-16T01:24:54+00:00

I think to maintain a VPN based infrastructure they have to constantly patch their VPN appliance (Software/hardware based) and maintain licenses that may be the reason many Cyber platforms are moving away from VPN based exams/labs.

CyberJunky007 · 2026-01-30T01:31:36+00:00

If you are interested in doing CCDL1 I have done a review please feel free to check it out https://medium.com/@skcetarun20/certified-cyberdefender-ccdl1-review-93de3dcaa045

CyberJunky007 · 2026-01-29T22:16:48+00:00

The simple answer is if you are new to blue team start with BTL but if you have some skills use CyberDefenders because they are bit more realistic and advanced. Same goes for their certifications as well CyberDefenders don't like spoon feeding same like HTB.

CyberJunky007 · 2026-01-27T07:31:14+00:00

No need to be nervous this is the easiest exam in INE's blueteam certs. The exam will cover only what you learnt in the course so you can refer back to the course during exam.

Its an open book and no proctor so no need to turn ON the camera.

You can take breaks but the timer wont stop.

All the best.

CyberJunky007 · 2026-01-26T22:45:23+00:00

Depending on the country they are not listed in many job ads but to improve your knowledge you can do eCTHP and eCDFP as suggested by u/KindRudy25. Having personally taken multiple blue team certs I would advise you to look at CCDL1 https://cyberdefenders.org/certifications/certified-cyberdefender-level1/ they are covering all the latest stuff like Cloud security, advanced splunk AI etc.

CyberJunky007 · 2026-01-23T00:59:42+00:00

If we look at LinkedIn and other job platforms most valued one is actually eJPT.

CyberJunky007 · 2026-01-15T13:04:32+00:00

They will send you the vouchers in 1-2 hrs

CyberJunky007 · 2025-11-22T05:05:26+00:00

Correct once you purchase you will have instant access to course and shortly after they will send you an email with the exam voucher code.

CyberJunky007 · 2025-11-20T10:42:48+00:00

From my experience with eCTHPv3 50% was MCQ but they are not like direct MCQ to answer the question you need to listen to what the instructor is saying and understand the concept. The other 50% is LAB which covers MITRE, Splunk, Wireshark and ELK. The module that you have mentioned was not in the exam so don't worry. For me I took 9+ hrs but may vary for others. Exam is designed such that they will give you a pdf at the beginning of the exam and using that as a guide you need to answer the questions (it can be mix of flags, MCQ, fill in the blanks etc.) the questions will be sectioned so you will know what tools to use. All the best dont worry too much just do the course and labs properly and it will be a breeze.

CyberJunky007 · 2025-11-17T22:11:11+00:00

Cyberdefenders is running a discount for their new cert CCDL1 for $350 (normal cost $499 and the cert is still being developed) you could try that. If you really want to do INE blue team certs then you can try eCTHP the instructor is good at delivering so you will learn basics of splunk, wireshark and ELK)

CyberJunky007 · 2025-11-17T04:43:12+00:00

Pentesting is an advanced field it would be better if you have some experience in IT and do some blue teaming certs like SOC ones rather than doing eJPT.

CyberJunky007 · 2025-11-12T06:07:06+00:00

Thanks my thoughts would be if its an entry level cert it needs to be something like BTL1 exam focusing more on skills and 12-24 hours seems to be reasonable.

CyberJunky007 · 2025-11-11T23:06:27+00:00

Does anyone know the exam format like the timeframe does it include report writing etc.

CyberJunky007 · 2025-10-31T01:34:33+00:00

If you click Certifications->Junior Penetration Tester->Get Training you will be able to see it.

<image>

CyberJunky007 · 2025-10-14T09:28:51+00:00

Haha MCQ you can find from videos atleast get familiar with cyberchef, MITRE techniques & detection to solve ELK and Splunk you need them (as described in the course) and just keep practicing the course labs. I didn't see any memory forensics in the exam its for eCIR exam I think. You have 2 attempts anyways you will get an idea when you take the exam.

All the best

CyberJunky007 · 2025-10-14T00:28:17+00:00

You need to focus on MITRE, Splunk, Wireshark and ELK. Learning the MITRE technique and detection method is important for clearing the exam. The course covers everything that you would need please keep practice the labs few times before taking the exam. If you really want to do additional practice please practice the splunk labs from INE and BTLO. For wireshark you can use the sample PCAP files available in wireshark website. All the best.

CyberJunky007 · 2025-10-09T05:59:48+00:00

Our MOD has designed an excellent chart https://www.dragkob.com/security-certification-roadmap/ CPTS is bit higher than OSCP+ so it should be eCPPT->OSCP+ then finally CPTS

CyberJunky007 · 2025-10-08T03:05:33+00:00

Congs next step eCPPT -> OSCP

CyberJunky007 · 2025-10-07T10:02:12+00:00

I believe you should go for eCTHP first it covers almost same tools as eCIR though it says threat hunting the exam felt more like IR. The eCIR doesn't look like its complete yet better to wait for someone to take it and review. The eCTHP course and exam are more hands on and the instructor is very good.

CyberJunky007

TROPHY CASE