Blue Team Level 2 (BTL2)
Lessons available in 9 languages with native text-to-speech (beta)
Skills you'll gain
Blue Team Level 2 (BTL2)
Recommended experience
2+ years experience
Estimated time to complete
approximately 50 hours to complete
On-demand access
Complete in 5 months
Training and exam price
£1,999.00
Who is the course for?
BTL2 is aimed at security professionals with 2-4 years experience in a practical role, but can be suitable for individuals with less experience provided they can commit to the intense training. Roles that we believe would benefit from this course include:
- Mid-Senior Security Analysts
- Mid-Senior Incident Responders
- Mid-Senior Security Consultants
- DFIR Specialists
- Threat Hunters
- Malware Analysts
Why choose BTL2?
BTL2 is designed to strengthen technical defenders that already have experience and exposure to security operations. BTL2 will develop you in niche areas that make you stand out as an advanced defender. Below are some examples of the skills and experience you will gain.
- Identify, analyze, prioritize, and remediate vulnerabilities to effectively reduce risk.
- Conduct static and dynamic malware analysis to gather indicators of compromise and document details of the malware’s purpose and utilized techniques.
- Conducting adversary emulation activities with the purpose of identifying gaps in SIEM detection rules, creating operational dashboards to identify threats, and hunting on remote systems.
- Perform threat hunts on individual systems and at scale to detect adversaries that have already breached the perimeter.
Malware Analysis
59 topics
4 quizzes
11 labs
What you'll learn
Lessons
- Introduction to Malware Analysis
- Setting up a Malware Analysis Home Lab
- Static Malware Analysis
- Dynamic Malware Analysis
- Malware Analysis Practice
Skills you'll gain
Threat Hunting
Advanced SIEM
Vulnerability Management
BTL2 Exam Preparation
Frequently asked questions
Are there any exam entry requirements? If so, what are they?
No, there are no entry requirements for the exam. You can take the exam whenever you feel ready, however we strongly recommend you complete all the labs, as they are designed to prepare you for the practical exam.
What are the prerequisites for enrolling in this certification?
These are recommended, not required, prerequisites. It is advisable to complete BTL1 before enrolling in BTL2, but if you are confident in your abilities, you can jump straight in. BTL2 is designed for technical defenders with 2-4 years of experience in security operations. It aims to develop advanced skills in vulnerability management, malware analysis, adversary emulation, and threat hunting. While primarily targeted at experienced professionals, it can also be suitable for those with less experience who are willing to commit to intense training.
How long does it take to complete the certification?
Completing the BTL2 certification typically takes between 60 to 70 hours. However, the actual time may vary based on your prior knowledge of the course materials, your working speed, and the amount of time you can dedicate. Everyone's pace is different, so you might complete it more quickly or take a bit longer.
What's included in the price?
After gaining access to the course, you receive 45 months of access to 231 lessons and quizzes, 28 browser labs with 120 hours of access, and the BTL2 exam, which includes up to 72 hours to complete a practical assessment and submit a written report. The report is hand-marked within 30 working days, and you need to score 70% or higher to pass (90%+ on the first attempt earns a gold challenge coin). Detailed feedback is provided to help improve your skills. Upon passing, you receive Blue Team Level 2 certification for four years, a BTL2 Acclaim digital badge, a printed certificate, a Blue Team Labs Online digital badge, a silver challenge coin (gold if scoring 90%+ on the first attempt), and laptop stickers.
Is everything to pass the exam in the course?
Yes, there is nothing in the exam that hasn't been covered in the course, or without clear instructions being provided. The exam features a select subset of the tools covered in the course, similar to real incident response engagements.
How long is the access?
Individual Students: Once you purchase BTL2, it will immediately appear in your account. You will then be free to start the course whenever you want. Corporate Clients: Purchased licenses can be issued at any time within 12 months from the purchase date, providing you the flexibility to start the training when your team is ready. After gaining access to the course, you have 5 months on-demand access to the training material.
Are there any discounts available?
A 10% discount is available to verified students that are actively studying with an established educational institute. There are also discounts available to military personnel, first responders, and veterans. Read more here: https://support.securityblue.team/hc/en-gb/articles/11802106331164-Discounts-for-Students-and-Service-Members Corporate discounts are available based on the number of licenses purchased.