DuckIntel / Security Tools

Analyst Simulations

Interactive Tier 1 and Tier 2 SOC analyst training with real alert triage scenarios, multiple choice, and a completion certificate.

Analyst Simulations provides 33 interactive multiple-choice scenarios across 9 training tracks designed to build real SOC analyst skills. Tier 1 scenarios focus on alert triage — classifying a SIEM alert, looking up a suspicious IP, and deciding whether to escalate or close. Tier 2 scenarios involve deeper investigation: tracing an intrusion, analyzing malware behavior, and coordinating an incident response.

Each scenario is based on a realistic SOC alert — a suspicious login, a port scan, a phishing email, malware detected on an endpoint — and presents you with the actual alert details you would see in a SIEM. You choose from multiple-choice answers, get immediate feedback on your choice, and read a detailed explanation of the correct approach and what tool a real analyst would use.

Beyond Tier 1 and Tier 2, there are 7 objective tracks covering Firewall Analysis, OSINT Investigation, Threat Hunting, Network Forensics, Malware Analysis, GRC and Compliance, and Incident Response. Each track has 5 targeted scenarios that build competency in that specific area. Completing a track earns a printable certificate of completion.

Features

33 realistic SOC alert scenarios
Tier 1 (alert triage) and Tier 2 (investigation) tracks
7 objective tracks: firewall, OSINT, threat hunting, network, malware, GRC, IR
Immediate feedback with detailed explanations
Printable completion certificates
Tool hints linking to relevant DuckIntel tools
Progress saved to localStorage

Part of DuckIntel.io — 59 free browser-based security tools for SOC analysts. No login. No tracking. 100% client-side.