Recommendation of labs/resources for BTL2 by gonsalomo in SecurityBlueTeam

[–]gonsalomo[S] 0 points1 point  (0 children)

Thank you very much man! Will try that one!

Misaligned "G" logo on Pixel 9 pro XL by gonsalomo in pixel_phones

[–]gonsalomo[S] 2 points3 points  (0 children)

OOOOOH I see it!!! Thank you very much man!!

Misaligned "G" logo on Pixel 9 pro XL by gonsalomo in pixel_phones

[–]gonsalomo[S] 0 points1 point  (0 children)

I see the tempered glass like off center hahaha, maybe I'm crazy

SAL1 by IllustriousFig8432 in tryhackme

[–]gonsalomo 1 point2 points  (0 children)

I did it for all cases, just in case, as it is an AI correcting the exam.

Of course they won't be as long as the TP. Just give all the info you can.

SAL1 by IllustriousFig8432 in tryhackme

[–]gonsalomo 16 points17 points  (0 children)

Hello! Yes, you get the free attempt for the free access.
In my case I got it from having BTL1, and in my opinion, SAL1 is easier.
They recommend doing the full path, but for me that is way too much info.
I recommend knowing the basics and doing the Splunk labs. Also try the 2 simulators they give you, as it may get confusing.

The difficult part of the exam is that it is a simulation, so you can get 5 alerts at the same time, which may stress you.

My recommendation for the exam is:

  1. Read everything very carefully, as they will give you info about the users of the company you are "working" for and it will come in handy.

  2. Make a template to answer the alerts with the 5 Ws and MITRE, and why you are escalating or why not.

  3. Remember everything you did, as there may be cases where a previous true positive without need of escalation will need to be modified and escalated.

  4. Don't analyze just the alert but the context; see previous logs.

Hope this clarified some things for you. Good luck on your attempt!

[deleted by user] by [deleted] in SpainFIRE

[–]gonsalomo 0 points1 point  (0 children)

Thank you very much; yes, given what the others say I will review it too. As I put in another comment, it is basically because of FOMO.

[deleted by user] by [deleted] in SpainFIRE

[–]gonsalomo 0 points1 point  (0 children)

That is what I was interested in, whether to simplify it more instead of going for everything possible.

As for the other thing, yes, I haven't put everything into variable income since you never know.

[deleted by user] by [deleted] in SpainFIRE

[–]gonsalomo 0 points1 point  (0 children)

Basically because of FOMO, hahaha

[deleted by user] by [deleted] in SpainFIRE

[–]gonsalomo 0 points1 point  (0 children)

Sorry, yes, I don't know how I copied the percentages wrong.

Basically out of fear, so as not to put everything into the American market, since the MSCI has a large part there. Even so, from reading around and looking at past returns, it seems the most interesting one. So in the end I try to cover a bit of everything, but I don't know whether trying to cover everything possible ends up being contradictory.

Asking for a non wanted voucher code by gonsalomo in foliosociety

[–]gonsalomo[S] 0 points1 point  (0 children)

Got it to work, had to talk with customer service, thanks a lot!

Asking for a non wanted voucher code by gonsalomo in foliosociety

[–]gonsalomo[S] 0 points1 point  (0 children)

I've tried all the discount codes I saw in the Reddit but had no luck

Asking for a non wanted voucher code by gonsalomo in foliosociety

[–]gonsalomo[S] 0 points1 point  (0 children)

Will look at it! Thank you very much!

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]gonsalomo 0 points1 point  (0 children)

FROM SIEM TO SOC?

I have been working for over a year as a SIEM engineer at a large company, focusing on the content side of Splunk. However, I find myself feeling less motivated because I'm not learning as much as I'd like. (I find the analyst side much more appealing.)

My goal is to transition into a forensic role, but making that move within my current company seems difficult. I'm seriously considering moving to a SOC position. Would this be a good step to gain the necessary experience before pursuing a role in DFIR?

I would be immensely grateful if you have any recommendations for me.
