// soc analyst · daily investigation log

alert triage log

Every alert investigated — dated, categorised, and mapped to MITRE ATT&CK. Real-world SOC analyst training via LetsDefend and BTLO, documented daily. Part of the Day N of Becoming a SOC Analyst series.

// level 2 · ir pathway · full kill chain investigations
Looking for the deep-dive work? IR investigations cover complete attack chains — forensic triage, persistence analysis, C2 identification, and documented response playbooks. Not just alert triage.
// all investigations · sorted by date
investigation log

Each entry records: Date, Alert ID, Title, Severity, Outcome (true or false positive), Platform (LetsDefend or BTLO), MITRE ATT&CK technique IDs, Tags, and Notes. Entries can be filtered by severity, outcome, or pathway, or searched by technique, tag, or alert ID.
// technique frequency
MITRE ATT&CK heatmap

Techniques seen across all investigations, ranked by frequency.
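The counters and the heatmap on this page are derived from the per-entry fields listed above. The following is an added example of that derivation, not the site's own code: it validates the ATT&CK IDs in each entry (so a typo such as "T10591" cannot silently become a new heatmap row), computes the summary counts (investigations, true and false positives, critical alerts, distinct techniques), and ranks techniques by how many investigations they appear in. The field names, the Investigation record, and the five sample entries are all constructed for illustration; the optional roll-up of sub-techniques into their parent technique goes slightly beyond what the page describes.

```python
import re
from collections import Counter
from dataclasses import dataclass

# ATT&CK technique IDs: "T" + four digits, with an optional ".NNN" sub-technique.
TECHNIQUE_RE = re.compile(r"^T\d{4}(?:\.\d{3})?$")

SEVERITIES = ("low", "medium", "high", "critical")
OUTCOMES = ("true positive", "false positive")


@dataclass(frozen=True)
class Investigation:
    """One row of the investigation log (field names are assumed)."""
    date: str
    alert_id: str
    title: str
    severity: str      # one of SEVERITIES
    outcome: str       # one of OUTCOMES
    platform: str      # e.g. "LetsDefend" or "BTLO"
    techniques: tuple  # validated ATT&CK technique IDs


def parse_techniques(field: str) -> tuple:
    """Split a comma-separated ATT&CK field, validate every ID, drop duplicates."""
    ids = []
    for raw in field.split(","):
        tid = raw.strip().upper()
        if not tid:
            continue
        if not TECHNIQUE_RE.match(tid):
            raise ValueError(f"malformed ATT&CK technique ID: {raw!r}")
        if tid not in ids:
            ids.append(tid)
    return tuple(ids)


def make_entry(date, alert_id, title, severity, outcome, platform, techniques):
    """Normalise severity/outcome and reject values the log does not allow."""
    sev, out = severity.strip().lower(), outcome.strip().lower()
    if sev not in SEVERITIES:
        raise ValueError(f"unknown severity: {severity!r}")
    if out not in OUTCOMES:
        raise ValueError(f"unknown outcome: {outcome!r}")
    return Investigation(date, alert_id, title, sev, out, platform, parse_techniques(techniques))


# Constructed sample log; dates, alert IDs and titles are made up for this example.
SAMPLE_LOG = [
    make_entry("2025-01-06", "ALERT-1001", "Encoded PowerShell command line", "high", "true positive", "LetsDefend", "T1059.001, T1027"),
    make_entry("2025-01-07", "ALERT-1002", "Scheduled task created by unknown binary", "medium", "true positive", "LetsDefend", "T1053.005"),
    make_entry("2025-01-08", "ALERT-1003", "Admin login from new country", "low", "false positive", "LetsDefend", "T1078"),
    make_entry("2025-01-09", "ALERT-1004", "Phishing attachment with macro", "critical", "true positive", "BTLO", "T1566.001, T1059.001"),
    make_entry("2025-01-10", "ALERT-1005", "Vulnerability scanner traffic from internal host", "medium", "false positive", "BTLO", "T1046"),
]


def summarize(log) -> dict:
    """The dashboard counters: totals by outcome, critical count, distinct techniques."""
    distinct = {tid for entry in log for tid in entry.techniques}
    return {
        "investigations": len(log),
        "true_positives": sum(e.outcome == "true positive" for e in log),
        "false_positives": sum(e.outcome == "false positive" for e in log),
        "critical": sum(e.severity == "critical" for e in log),
        "techniques": len(distinct),
    }


def parent_technique(tid: str) -> str:
    """T1059.001 -> T1059; a parent technique is returned unchanged."""
    return tid.split(".", 1)[0]


def technique_heatmap(log, roll_up=False) -> list:
    """Techniques ranked by number of investigations they appear in (ties by ID).

    Each investigation counts a technique at most once. With roll_up=True,
    sub-techniques are folded into their parent technique before counting.
    """
    counts = Counter()
    for entry in log:
        counts.update({parent_technique(t) if roll_up else t for t in entry.techniques})
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for name, value in summarize(SAMPLE_LOG).items():
        print(f"{name:>16}: {value}")
    print("\nheatmap (sub-techniques kept):")
    for tid, n in technique_heatmap(SAMPLE_LOG):
        print(f"  {tid:<10} {'#' * n} {n}")
    print("\nheatmap (rolled up to parent technique):")
    for tid, n in technique_heatmap(SAMPLE_LOG, roll_up=True):
        print(f"  {tid:<10} {'#' * n} {n}")
```

Counting each technique once per investigation keeps the heatmap a measure of how many cases involved a technique rather than how many times it was typed into a notes field; the rolled-up view is the one to use when comparing against a detection coverage map that is maintained at the parent-technique level.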