Blue Team Level 2
BTL2 HAS LAUNCHED!
The first 100 orders will receive a gold commemorative challenge coin titled “First 100 Defenders” when they pass the BTL2 exam, also receiving their silver or gold coin depending on their score. (First 100 students will be emailed on Friday confirming their reward).
lessons, activities, and tests
CLOUD LABS WITH 120 HOURS OF ACCESS
ACCESS TO THE TRAINING MATERIAL
certification launch price (-25%) for 31 days ONLY
BTL2 Academic Advisory Board & Technical Writers
With almost 100 years experience in the security industry, these security experts have ensured that the content and practical exam for BTL2 are scoped correctly, and reflect industry best-practice. This ensures that our students will have the most beneficial experience, and get the most value out of our certification.
WHY TAKE OUR TRAINING?
We may be a “new” training company, as we were founded in early 2020, but we have proven that our training changes lives. Our students have broken into industry or secured promotions as a result of taking our certifications. We have developed the skills of entire security teams and forged stronger technical defenders. Don’t believe us? Believe them! Read our BTL1 success stories at the link below. We’ll look to release BTL2 success stories after the certification exam is released.
A hands-on defensive security training course and certification, showcasing advanced practical ability in defending networks and systems from sophisticated cyber threats. No more multiple choice exams, get genuine security operations experience with content developed by industry experts and a challenging practical assessment.
- 5 months access to our on-demand training course
- 5 months access to our brand-new lab platform & 120 hours of lab time
- Step-by-step guides to setup your own small-scale labs to keep learning even after the course
- 2 exam attempts (initial and a free resit, with feedback after each exam)
- Dedicated student forum supported by SBT staff
- BTL2 Acclaim digital badge and badge on Blue Team Labs Online
- High quality PDF certificate and physical card certificate
- BTL2 silver challenge coin or gold if score 90% or above on first exam attempt
- All of the above
- Team Leader management portal. Track course and lab progress for all your team members
- Corporate discounts starting at 3 students (including voucher scheme to ‘buy now, use later’)
- Corporate discounts for Blue Team Labs Online, BTL1, and BTL2 bundles
benefits of btl2
BTL2 is designed to strengthen technical defenders that already have experience and exposure to security operations. BTL2 will develop you in niche areas that make you stand out as an advanced defender. Below are some examples of the skills and experience you will gain.
- Identify, analyze, prioritize, and remediate vulnerabilities to effectively reduce risk.
- Conduct static and dynamic malware analysis to gather indicators of compromise and document details of the malware’s purpose and utilized techniques.
- Writing SIEM detection rules and tuning them to ensure they’re as efficient as possible by conducting adversary emulation activities.
- Perform threat hunts to detect adversaries that have already breached the perimeter.
Who is the course for?
BTL2 is aimed at security professionals with 2-4 years experience in a practical role, but can be suitable for individuals with less experience provided they can commit to the intense training. Roles that we believe would benefit from this course include:
- Mid-Senior Security Analysts
- Mid-Senior Incident Responders
- Mid-Senior Security Consultants
- DFIR Specialists
- Threat Hunters
- Malware Analysts
Below you can download our course syllabus to learn more about the content that is covered in the training course and tested in the practical assessment (we’ve also provided a high-level overview in the tabs below!). The certification is split into 4 domains.
- Introduction to Vulnerability Management
- Host Discovery
- Vulnerability Discovery
- Analysis, Prioritization, and Threat Intelligence
- Reporting and Remediation
- Introduction to Malware Analysis
- Build Your Own Analysis Lab
- Static Analysis Tools and Techniques
- Dynamic Analysis Tools and Techniques
- Malware Analysis Practice
- Introduction to Advanced SIEM
- SIEM Architecture
- Build Your Own SIEM Lab
- Proactive SIEM (Hunting)
- Adversary Emulation, Detection, and Analysis
- Introduction to Threat Hunting
- Build Your Own Hunting Lab
- Endpoint Threat Hunting
- Network Threat Hunting
- Hunt Reflection and Report Writing
We have not yet announced all of the details regarding the certification process for BTL2. We will provide more information at the launch event.
The BTL2 exam is designed to practically assess students on the four domains covered in the training course by utilising a range of tools and techniques to investigate a realistic intrusion scenario. The exam is comprised of two components:
- A number of questions that must be answered during the investigation
- A written report based on a provided template
We believe feedback is absolutely crucial to developing your skills, rather than just passing the certification. We will provide feedback to all students regardless of whether they pass or fail our exam, so you can understand your weak areas, and become a stronger security professional.
FREQUENTLY ASKED QUESTIONS
HOW LONG WILL I HAVE ACCESS TO THE TRAINING COURSE and labs?
You will have access to the on-demand course and lab platform (with 120 lab hours) for 5 months/155 days from the date of purchase. Your certification exam vouchers are valid for 12 months from purchase. We have guides to create your own labs for the Advanced SIEM, Threat Hunting, and Malware Analysis domains, so you can continue to practice even after your access expires.
do you offer discounts FOR INDIVIDUALS?
The only discount we have planned is the launch discount of 25% from 6th September – 6th October, which will be the heaviest discount we will have for BTL2 (both for individuals and organisations). Please do not email us asking for discounts or free vouchers – if we decide to run a discount or giveaway, we will post it on our social media accounts and website.
why is this course so expensive?
While it may seem like a lot, BTL2 is an extremely large course and is very competitively priced compared to other companies on the market, based on the scope and quality of the content, labs, and importantly, our practical exam. It is not cheap to build and maintain a course and certification of this scale, including technology, employees, and certified rewards.
I'm NEW TO SECURITY, CAN I TAKE BTL2? IS BTL1 REQUIRED FIRST?
After feedback from our community, we decided that BTL1 is not required to take BTL2. While BTL2 is aimed at security professionals with a recommended minimum experience of 2 years in a technical role, it is definitely possible for an individual with less experience to take and pass BTL2, but it will require discipline and dedication.
DO YOU OFFER DISCOUNTS FOR ORGANISATIONS?
Of course! We offer discounts on BTL2 vouchers in progressive tiers, starting at 3 students in one order. We also offer discounts for BTLO, BTL1, and BTL2 bundles. Another benefit includes a Team Leader console to track the progress of your team members across our training courses. You can request a quote via the button at the top of this page where you’ll be passed to one of our Account Managers.
What happens if my training access expires? Can i still access the labs and exam?
Yes, BTL2 separates the certification into three elements; the training, the labs, and the exam. This means even if your training access expires you can still practice and take the exam, giving you up to 5 full months of studying (if your training access ends and you start the exam, we’ll even give you access to the course for the exam duration!).
IF I NEED MORE TIME, CAN I GET AN EXTENSION?
Yes, we provide one-time paid extensions for either 31 days or 62 days. These can be purchased from the store on our new lab platform and will automatically add the number of days to your existing total. This will extend your access to the course, lab platform, and forum.
My friend wants to take the training and labs but he cannot afford it - can i just share my account with them?
Account sharing or leaking course materials to non-paying individuals is a breach of the BTL2 Terms and Conditions and will lead to us automatically remove BTL2 from your account with no refund. We also reserve the right to claim for legal damages based on the extent of the T&C breach.
Security Blue Team is dedicated to providing affordable, practical, and high-quality defensive cybersecurity training, certifications, and community events.