# SOC

- [CrowdStrike Falcon](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon.md)
- [Where to Spend Your Time](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/where-to-spend-your-time.md)
- [Triaging a Detection](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/triaging-a-detection.md)
- [Edit Status](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/triaging-a-detection/edit-status.md)
- [OSINT Tools to Leverage](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/osint-tools-to-leverage.md)
- [Endpoint Log Searching / CQL](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/endpoint-log-searching-cql.md)
- [Real Time Response](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/real-time-response.md)
- [Sandbox & Blocking Actions](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/sandbox-and-blocking-actions.md)
- [Investigation Template](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/investigation-template.md)
- [Extras](/mynotes/certifications-and-notes/blue-team/soc/crowdstrike-falcon/extras.md)