BLUE TEAM LEVEL 2 SECURITY OPERATIONS CERTIFICATION.

150+ / 40

training lessons / cloud labs and activities

4 Months

ACCESS TO THE TRAINING MATERIAL

2-4 Years

rECOMMENDED SECURITY EXPERIENCE

£1999 £1600

training & certification launch price

BTL2 Academic Advisory Board & Technical Writers

With almost 100 years experience in the security industry, these security experts have ensured that the content and practical exam for BTL2 are scoped correctly, and reflect industry best-practice. This ensures that our students will have the most beneficial experience, and get the most value out of our certification. 






Shawn Thomas

SOC Manager
Shawn is a SOC Manager, incident responder, threat hunter, podcaster, and speaker. He builds and manages detection and analysis programs for large enterprises whilst mentoring analysts.






Sean Pattee

Senior Threat Analyst
CISSP, OSCP, GCFA, GCIA, GCIH, GDAT
Sean is a Senior Threat Analyst, Incident Responder, and co-runs a Cybersecurity & Digital Forensics firm located in Phoenix, AZ.






Mat Lyons

Senior Security Consultant
GCED
Mat is an Enterprise Incident Management Consultant focusing on incident response, threat hunting, and proactive services.






Andrew Tomlinson

Senior Security Analyst
GCIA, GDAT, eCPPTv2
Andrew is a Senior Security Analyst, working as the defensive use case and assurance function lead with an adjacent focus on vulnerability risk management. Previously worked as a network security engineer consultant.






Jai Minton

Principal Security Analyst
OSCP, CCFH, CCFR





Ismael Briones-Vilar

Senior Security Analyst
GCFA, GREM, GASF, ENCE
Ismael is a Senior Security Analyst, specializing in malware analysis and digital forensics, with 15 years experience in this field.






Joshua Beaman

CSIRT Analyst
GCED, GCIH, GDAT, GEVA
Joshua is the lead Course Author, responsible for writing the Vulnerability Management domain and editing all other domains.






Sabastian Hague

CSIRT Analyst
GMON, GCDA, GCIH, GCIA
Sabastian is the primary writer for the Advanced SIEM domain, bringing 4+ years of experience from the UK Military.






Venkatesh Sathya

Senior Security Analyst
Venkatesh is the primary writer for the Malware Analysis domain, bringing 8 years experience from various Security Analyst positions.






Andrew Huang

Security Engineer
GNFA, OSCP, SSCP
Andrew is the primary writer for the Threat Hunting domain, bringing almost 12 years experience working in Security Operations defending 5 datacenters.

Overview

A hands-on defensive security training course and certification, showcasing advanced practical ability in defending networks and systems from sophisticated cyber threats. No more multiple choice exams, get genuine security operations experience with content developed by industry experts and a challenging practical assessment.

WHAT'S INCLUDED?

Individual Students:

  • 4 months access to our on-demand training course and lab platform with 40 browser-based labs.
  • Step-by-step guides to setup your own local malware analysis, SIEM, and hunting labs.
  • 2 exam attempts (initial and a free resit).
  • Dedicated student forum supported by SBT staff.
  • Physical rewards after becoming certified (silver or gold challenge coin, card certificate, & more).
  • Digital Acclaim BTL2 badge.
  • BTL2 badge on Blue Team Labs online.

Corporate Clients:

  • All of the above
  • Team Leader management portal. Track course and lab progress for all your team members.
  • Corporate discounts starting at 3 students (including voucher scheme to ‘buy now, use later’).
  • Corporate discounts for BTL1 + BTL2 bundles.

benefits of btl2

BTL2 is designed to strengthen technical defenders that already have experience and exposure to security operations. BTL2 will develop you in niche areas that make you stand out as an advanced defender. Below are some examples of the skills and experience you will gain.

  • Identify, analyze, prioritize, and remediate vulnerabilities to effectively reduce risk.
  • Conduct static and dynamic malware analysis to gather indicators of compromise and document details of the malware’s purpose and utilized techniques.
  • Writing SIEM detection rules and tuning them to ensure they’re as efficient as possible by conducting adversary emulation activities.
  • Perform threat hunts to detect adversaries that have already breached the perimeter.

Who is the course for?

BTL2 is aimed at security professionals with 2-4 years experience in a practical role, but can be suitable for individuals with less experience provided they can commit to the intense training. Roles that we believe would benefit from this course include:

  • Mid-Senior Security Analysts
  • Mid-Senior Incident Responders
  • Mid-Senior Security Consultants
  • Threat Hunters
  • Malware Analysts

COURSE CONTENT

Below you can download our course syllabus to learn more about the content that is covered in the training course and tested in the practical assessment (we’ve also provided a high-level overview in the tabs below!). The certification is split into 4 domains.

  • Introduction to Vulnerability Management
  • Host and Vulnerability Discovery
  • Analysis, Prioritization, and Threat Intelligence
  • Reporting and Remediation
  • Introduction to Malware Analysis
  • Static Analysis Tools and Techniques
  • Dynamic Analysis Tools and Techniques
  • Malware Analysis Practice
  • Introduction to Advanced SIEM
  • SIEM Architecture
  • Proactive SIEM (Hunting)
  • Adversary Emulation, Detection, and Analysis
  • Introduction to Threat Hunting
  • Endpoint Threat Hunting
  • Network Threat Hunting
  • Hunt Reflection and Report Writing

CERTIFICATION PROCESS

We have not yet announced the certification process for BTL2. We will provide more information at the launch event.

EXAM FEEDBACK

We believe feedback is absolutely crucial to developing your skills, rather than just passing the certification. We will provide feedback to all students regardless of whether they pass or fail our exam, so you can understand your weak areas, and become a stronger security professionals.

certified rewards

Once a student passes the practical exam and becomes BTL2 certified, they will receive a number of rewards for their hard work:

  • Become Blue Team Level 2 certified for 4 years (renewal via CPEs, no fees!)
  • BTL2 Acclaim digital badge
  • BTL2 printed certificate
  • BTL2 Silver challenge coin (gold if score 90%+ on first attempt)

Security Blue Team is dedicated to providing affordable, practical, and high-quality defensive cybersecurity training, certifications, and community events.