Skip to main content

Learning Paths (Beginner to Expert)

This page helps you learn AuroraSOC in a structured way based on your role and experience level.

How to Use This Page

  1. Pick your role.
  2. Follow the path in order.
  3. Complete the hands-on milestone at the end of each path.
  4. Move to the next path only after you can explain the workflow back to another person.

Path A: First-Time User (No SOC Background Required)

Goal: Understand what AuroraSOC does and complete one investigation safely.

  1. Welcome to AuroraSOC
  2. Quick Start
  3. Dashboard Overview
  4. Alerts Management
  5. Case Management
  6. Common Workflows

Milestone:

  • Start AuroraSOC
  • Trigger one investigation
  • Move alert to case
  • Close case with a note

Path B: SOC Analyst

Goal: Operate alert-to-case workflows efficiently and consistently.

  1. Operation Modes
  2. Alerts Management
  3. Case Management
  4. Threat Intelligence
  5. SOAR Playbooks
  6. Human-in-the-Loop

Milestone:

  • Execute one dry-run playbook
  • Request and process one approval decision
  • Export final report for a completed case

Path C: Security Administrator

Goal: Secure platform access and operational governance.

  1. Authentication
  2. Role-Based Access
  3. API Keys
  4. Agent Fleet
  5. SIEM Integration

Milestone:

  • Configure role permissions for at least two user personas
  • Rotate one API key and verify service continuity

Path D: CPS and IoT Operator

Goal: Understand physical-cyber visibility and trust workflows.

  1. CPS and IoT Security Concepts
  2. CPS and IoT Devices
  3. Event-Driven Pipeline
  4. Common Workflows

Milestone:

  • Verify one device trust state
  • Correlate a CPS signal with one security alert

Path E: Developer and Integrator

Goal: Understand architecture and safely extend AuroraSOC.

  1. Developer Architecture Overview
  2. Settings System
  3. REST API Endpoints
  4. Agent Factory
  5. A2A Protocol
  6. Testing Strategy

Milestone:

  • Add or modify one integration in a dev environment
  • Write at least one test for the change
  • Validate behavior end-to-end

If you are onboarding a team, this sequence works well:

  • Day 1: Path A core pages
  • Day 2: Path B or C depending on role
  • Day 3: Hands-on scenario drills
  • Day 4: Role-specific deep dives
  • Day 5: Review, troubleshooting, and runbook practice

Estimated Time by Path

Use these estimates to plan onboarding sessions:

  • Path A: 60-90 minutes
  • Path B: 2-3 hours including one full case walkthrough
  • Path C: 2 hours including role/permission validation
  • Path D: 90-120 minutes with device trust checks
  • Path E: half day for architecture + code-level orientation

Evidence of Completion

For each path, capture lightweight evidence so progress can be audited:

  • Screenshot of completed milestone workflow
  • Short note on what failed and how it was fixed
  • One follow-up question to clarify in team review

Troubleshooting While Learning

Use these pages when you get stuck:

Completion Checklist

You are onboarding-ready when you can answer yes to all of these:

  • I can explain the difference between an alert and a case.
  • I can run an investigation and interpret results.
  • I understand operation modes and when to use each.
  • I know when human approval is required.
  • I know where to find security and access-control settings.