The “Blue Team Level 1 Certification” course, with course code BTL1-01, focuses on defensive cybersecurity practices and aims to enhance students’ practical abilities in security operations. The course is designed and copyrighted by Security Blue Team.

Course Structure:

  1. Security Fundamentals (BTL1)
    • Covers soft skills, networking basics, security controls, and management principles.
  2. Phishing Analysis (PA)
    • Addresses the importance of phishing, different types of phishing attacks, tactics, and techniques used by malicious actors.
    • Teaches how to analyze emails, retrieve important artifacts, assess risk, and recommend defensive measures.
    • Includes lessons on email analysis, collecting artifacts, analyzing them, and report writing.
  3. Threat Intelligence (TI)
    • Provides insights into threat actors, APTs (Advanced Persistent Threats), and operational, tactical, and strategic threat intelligence.
    • Discusses malware and global campaigns such as Emotet and Magecart.
  4. Digital Forensics (DF)
    • Focuses on digital forensics fundamentals, evidence collection, and analysis.
    • Teaches students about digital artifacts, forensics tools like Autopsy and Volatility, and how to handle digital evidence.
  5. Security Information and Event Management (SIEM) (SI)
    • Introduces SIEM and covers topics related to logging, aggregation, correlation, and analysis.
    • Hands-on activities with Splunk for log analysis and scenario exercises.
  6. Incident Response (IR)
    • Explains incident response concepts, preparation, prevention, detection, analysis, containment, eradication, recovery, and lessons learned.

The course emphasizes the practical application of these skills. To ensure the protection of intellectual property, students are required to adhere to course terms and conditions, which prohibit sharing training materials and may result in legal action for copyright infringement.

The course is instructed by Joshua Beaman and aims to strengthen students’ defensive cybersecurity capabilities.

Reviews by
Average rating:  
 1 reviews
 by 0xn0

Difficulty: 3 out of 5.

I cannot recommend this course/exam more. I wish they had not removed the reporting requirement, but the skills learned in this (entry-level) will set you on the right track. However, BTL2 should not be in your track afterward (check out CCD instead).

Cons-wise, the course is obviously written by several individuals. Why does it matter? Well, the level of English varies. This may have been fixed since I took it back in 2022.