🛡️HTB CDSA
Intro
In the bits below, I will write about my experience with the CDSA course by HTB. The review is not sponsored and I will be 100% transparent.
About HTB
Hack The Box offers A LOT in the cybersecurity field, especially in the educational part of it (Hack The Box Academy).
With their large number of CTF events, Machines, Sherlocks, etc., they are also making it hard for competing cybersecurity certifications.
The platform's growth was organic, fueled by word of mouth and community engagement.
Over time, HTB evolved into a comprehensive cybersecurity training platform, offering learning experiences for individuals and organizations. Today they have about 3 million users and 200-500 employees across different countries.
HTB CDSA
The Hack The Box Certified Defensive Security Analyst (HTB CDSA) is a hands-on, intermediate-level certification designed for people aiming to build their skills in Security Operations Center (SOC) operations, incident handling, and threat detection.
It offers a hands-on approach to validating your skills in SOC operations and incident handling. Its emphasis on real-world scenarios, continuous assessment, and comprehensive reporting makes it a valuable credential for cybersecurity professionals seeking to demonstrate their practical expertise.
Courses Comparison
I have been connecting with people who have taken different blue team courses to create the comparison below. Keep in mind that the comparison is based on my opinion and the information I gathered; some information, like the pricing, can be incorrect (and if it is, please let me know).
For the price, I have considered how much is spent on average per course (different payment programs make it difficult to compare: some have subscriptions, with some you buy separate modules, some are pay-and-learn...).
HTB CDSA | $210+ (student), $500+ (regular) | Hands-On (7-days) | Yes | Lifetime
BTL1 | $522 | Hands-On 72-hours | Yes | 4 months
CySA+ | $404 | Closed Type | No | 12 months
OSDA | $1750 | Hands-On 72-hours | Yes | Lifetime
PSAA | $250 | Hands-On 72-hours | Yes | 12 months
CCD | $800 | 48-hours | No | 4 months
Access to the materials depends on the organization. The time you have to use your exam vouchers also depends on the organization. The exams are usually available for a few hours to a few days, depending on the organization.
My experience with CDSA
I am aiming for my first job as a SOC Analyst and wanted to get to know my future job better, so I decided to take a blue team course.
I am the type of guy that wants to know all of the sources available for a certain thing, and pick the best one for me.
I researched all the available courses and all the things that a certificate should include, from community recognition and quality of the material to hands-on exercises, pricing, etc.
And at the end of my research the finalist was clear - CDSA by HTB.
At the moment I am 1 month in it and I'm learning whenever I have the time to do so. Once I get to the certificate I will update this page with more personal opinions on the course...
The only Con for now?
The courses by HTB in general provide a lot of information and can be a bit overwhelming. (Video guides would save a lot of time and make it easier - just saying)
Also, with this problem comes the next thing - it takes time to finish. Of the people I communicated with, most took 5-7 months to finish the course and get the cert (keep in mind that they have a life).
The Modules
The course has 15 modules that HAVE to be 100% finished if you want to buy the exam voucher.
The modules included are:
Incident Handling Process
Security Monitoring & SIEM Fundamentals
Windows Event Logs & Finding Evil
Introduction to Threat Hunting & Hunting With Elastic
Understanding Log Sources & Investigating with Splunk
Windows Attacks & Defense
Intro to Network Traffic Analysis
Intermediate Network Traffic Analysis
Working with IDS/IPS
Introduction to Malware Analysis
JavaScript Deobfuscation
YARA & Sigma for SOC Analysts
Introduction to Digital Forensics
Detecting Windows Attacks with Splunk
Security Incident Reporting
Each module can be unlocked with a one-time payment. You pay in "cubes" that can be purchased on the website, or you can choose to pay for one of the monthly subscriptions. (If you are a student, you can apply for a monthly student subscription - $8 incl. VAT.)
After almost every lesson you will have at least an open-type question, but in most cases it will be a hands-on lab.
How to connect to the labs
The process is nicely explained on the website, but in short - you need to connect to one of their VPN servers using the OpenVPN protocol. After that, you can activate the lab and interact with the IP address you are given.
The exam
Prerequisite
Completion of the full SOC Analyst job-role path on HTB Academy
Exam Duration
Once you start the exam, you have 7 days to finish it. Finishing the exam includes finding what is required and writing a well structured and defined report.
The report is submitted at the end and reviewed by a specialist from HTB. When done reviewing, he will send you a message telling you what you did well and where you made mistakes, as well as the points and the result.
At the end, you can choose to order the Physical Bundle to have the cert, T-shirt and all the goodies for a celebration picture and a nice memory.
Wishing you all the luck if you start the journey. I didn't finish it yet, but I can tell you I like the course a lot already; the community is huge and the support from the HTB team is unmatched.
Love. 💚 BataMladen.