Security Blue Team

I completed BTL1 in early 2021, while it was very new. Word was spreading around Twitter, LinkedIn, and Reddit about this exciting new certification that offered a practical exam. It immediately caught my interest, since we were lacking in accessible blue team content. While still expensive, offensive certifications were certainly more attainable. However, most of the infosec community doesn’t live in that world.

Target Audience

BTL1’s content is incredibly accessible for entry-level students. However, you will not pass the exam without the ability to practically use the skills taught in this course. It will require study and practice. To date, it is one of my favorite certifications, simply because of the value it provides at its price point. For £399 (~$500) there’s much to be gained for professionals and newcomers alike.

After completing the exam, you will have the skills required of an entry-level analyst. It also is excellent for sysadmins and network admins wishing to gain more knowledge around securing their infrastructure. I’m putting this cert in future job descriptions, and will be excited to find it on resumes.

Training Content

The course content covers six domains:

  • Security Fundamentals
  • Phishing Analysis
  • Threat Intelligence
  • Digital Forensics
  • SIEM
  • Incident Response

The exam is a 24-hour practical incident response exercise. It will require a thorough understanding of each of these domains. However, there is nothing insanely difficult within the content, and what’s provided is sufficient for the exam.

I tore through the content pretty quickly; I was having fun. However, I already carried a good bit of experience walking into the course, and much of it was review. I absolutely had gaps in my knowledge, but I was able to target those fairly quickly. After two weeks I was anxious to try the exam. After about 6 hours I hit my limit, closed out the lab, and completed my report. I passed, but unfortunately did not score high enough for the Gold Challenge Coin reward. I certainly could have spent more time on the content.

I think this is the best value entry-level certification on the market. It was desperately needed at the time it came out. Passing the exam proves you understand the concepts presented, rather than memorizing content for a multiple-choice exam. I’ve recommended this certification to students and junior professionals time and time again. If you’re on the fence, take it. It’s worth it. I’m also a huge supporter of non-expiring certifications. That’s a huge plus!

https://securityblue.team/

AOTD: Baroness - Blue Record