Build the blue team— SIEM & SOAR, hands-on.
Round out cloud security with the detection-and-response skills every SOC runs on. Investigate real telemetry, write detections that fire, and automate the response — all in managed environments you launch from a browser.
SIEMSIEM — detection & log analysis
Build high-signal detections, hunt through telemetry, and turn noisy logs into alerts that actually matter.
- Detection engineering
Build rules, tune noise, and triage alerts across host and cloud telemetry.
- Log analysis & threat hunting
Pivot through logs to find attacker activity and write durable detections.
SOARSOAR — automated response
Wire detections to automated playbooks, auto-enrich alerts, and cut mean-time-to-respond to minutes.
- Automated response playbooks
Wire detections to automated actions and cut mean-time-to-respond.
- Enrichment & case workflows
Auto-enrich alerts and orchestrate end-to-end incident workflows.
Real telemetry, zero setup
No servers to stand up, no agents to install, nothing to configure. Each lab spins up a managed detection-and-response environment in your browser, pre-loaded with realistic telemetry to investigate — and it's wiped clean when you're done.
Start the SOC track
Investigate, detect, and automate your first response — launch a SOC lab from your browser.