Security Blue Team Blue Team Level 1

EntrySOC / Blue TeamPaid

The most community-respected practical blue team certification for SOC analyst roles. 24-hour open-book exam with 20 task-based challenges across Phishing Analysis, Threat Intelligence, Digital Forensics, SIEM, and Incident Response. Over 10,000 certified across 80+ countries. Used by enterprise teams as minimum baseline for SOC analysts.

What you'll prove

  • Analyze phishing emails and identify indicators of compromise
  • Apply threat intelligence to enrich security investigations
  • Perform basic digital forensics using industry-standard tools
  • Investigate security alerts using Splunk and other SIEM platforms
  • Execute structured incident response procedures for common attack scenarios
  • Document investigation findings following professional standards

Frequently asked

How much does BTL1 cost?

$490 USD (£399 GBP) which includes 4 months of training access, all labs, and 2 exam attempts. Student, military, and first responder discounts available.

BTL1 vs CySA+ — which is better for SOC roles?

BTL1 is purely practical and highly respected by practitioners. CySA+ is MCQ-based, DoD 8570 approved, and has broader HR recognition. Many SOC professionals hold both — BTL1 proves hands-on ability; CySA+ satisfies compliance requirements.

Who should get BTL1?

Career changers entering SOC roles, entry-level analysts who want practical validation beyond Security+, and IT professionals transitioning into blue team work. Over 10,000 certified professionals globally.