It was a quiet Friday night when the alerts hit—rogue Kerberos tickets spiking from a Pass-the-Hash attack. With 14 years in the SOC trenches, I, Shoaib Mohammed Shahapuri, saw my Tier 1 analyst, Morgan, catch the first anomaly, but it was Riley, our red teamer, who nearly owned the domain—stopped just in time. That close call inspired this Intermediate Threat Detection & Incident Response Learning Path—a 13-hour journey designed to elevate your career from Tier 1 to Tier 2/3. You'll master early-stage detection with Falcon XDR and Security Onion to catch initial access like hash captures; escalate alerts with Morgan and Alex using SOAR; track APT29-style campaigns with Alex and Taylor through Falcon Intelligence; defend Active Directory from Kerberoasting with Falcon ITDR; and fine-tune noisy detections from fileless malware using XDR and network-based tools. Each hands-on lab simulates Riley's full attack chain—credential theft, privilege escalation, lateral movement—so you can build the skills that lead to promotions and high-paying roles. Ready to outsmart Riley and level up your SOC career? Let's dive in.

With cyber threats coming from every direction, having your vulnerabilities regularly remediated and risks quantified is a necessary piece of your cyber security puzzle. With Zscaler's Unified Vulnerability Management and Risk360, you can do just that! As part of the tool set of the Zscaler Security Fabric, UVM and Risk360 work together to provide not only visibility into your current state of risk and vulnerabilities but provides a comprehensive approach to improving your overall cyber security posture. In this learning path you will learn how Zscaler's Security Fabric's tools can help your organization to prioritize your vulnerabilities, deduplicate your findings, help visualize your inventory and find potential gaps and finally quantify your security risks.