Land your first SOC analyst role.
The structured path for career switchers and self-taught learners who are tired of guessing.
MYDFIR Forge gives you everything in one place. Real alerts in Microsoft Defender XDR and Splunk. Real investigations with real feedback from someone who does this work for a living. A 90-day program, a simulator that feels like a real SOC job, and a community of people doing the work with you.
No job promises (unfortunately). No shortcuts.
Just the structure, the tools, and the work that gets you hired.
80k+Subscribers
4M+Views
250+Students
FEATURED MEMBERS
What others are saying
"Steven actually answers your questions, in detail, every time."
"I tried other cyber communities first. What MYDFIR gives that they didn't is cohesion. Every lesson connects to the last. By Day 20 I wasn't relearning. I was seeing how everything fits together. I feel like a detective now."
- David G
"I have 3 SANS certs and I still get value from the Forge every day"
"I went through three SANS certifications: GFACT, GSAC, and GCIH. They're great. They're also time-locked and grueling. The Forge is different. No deadline pressure. Space to dig in, ask questions, build your own investigation methodology."
- Nigel D
"When you're here, you're getting insane value."
"I came from kinesiology. I got my Security Plus and a stack of CompTIA certs solo, but when I looked at job postings I couldn't actually do what they were asking. After 90 days inside the Forge, it's night and day. I'm confident I could land a SOC role now."
- Shahzeb M
What's inside the Forge
Everything in one place. The simulator, the structure, the people, the practice.
SOC Simulator
A live work environment that feels like a real SOC job. Real alerts in Microsoft Defender XDR and Splunk.
Simulated clients. Real investigations.
90-Day SOC Program
Takes you from beginner to mid-level SOC analyst. One lesson a day on monthly. All lessons unlocked on annual.
DFIR Course
Digital Forensics & Incident Response. The next step after the 90-day program. Takes you toward consultant-level work. Included on annual.
Monthly Challenges
Full attack scenarios you investigate from start to finish. A new one every month. The closest thing to the real job before you have the job.
Weekly Calls
Every Sunday I'm on a live call. Ask questions. Work alerts together. Not pre-recorded.
Job Support
Resume, Portfolio & LinkedIn reviews. Report feedback and I'll vouch for you on your resume when you meet the requirements.
Your Path to a SOC Role
Six clear steps. Start where you are.
Get inside the community of analysts doing the work.
Theory, hands-on labs, the SOC Simulator. Built day by day.
Investigation reports, projects, CTF wins to show employers.
Resume, LinkedIn, and interview prep with Steven.
Apply with proof of your work, not just a stack of certs.
Keep growing toward DFIR consultant work.
Not sure which one to start with?
FREE
MYDFIR SOC Community
$0
Best for: Exploring cybersecurity, new to the SOC or if Forge isn't right for your budget today.
Basic SOC Training
Monthly Community Meetings
Community of People Learning
MONTHLY MEMBERSHIP
MYDFIR Forge
$99/mo
Best for: Self-taught learners tired of guessing and ready to follow a clear roadmap with structure.
Everything in Free, plus
SOC Simulator (Splunk + XDR)
90-Day SOC Accelerator
One lesson a day for 90 days
DFIR Course (after day 100)
BEST FOR CAREER CHANGERS
annual MEMBERSHIP
MYDFIR Forge
$999/yr
Best for: Self-taught learners tired of guessing and ready to follow a clear roadmap with structure.
Everything in Free, plus
Everything unlocked day 1
Full 90-Day SOC Accelerator
Full DFIR Course
Move at your own speed
MOST POPULAR
Start free if you're just getting started. Pick the Forge if you're done guessing and ready to put in the work.
About Me
Hi, my name is Steven.
I am a cybersecurity professional with over a decade of experience in the industry, specializing in security operations. Throughout my career, I’ve had the privilege of working with a diverse range of companies, including top consulting firms and government entities.
In recent years, I have found my true calling in Digital Forensics & Incident Response (DFIR). I am captivated by the intricacies of investigating and responding to cyber incidents, working diligently to identify and mitigate security breaches. My specialization in DFIR allows me to analyze digital evidence meticulously, contributing to the development of robust incident response strategies to safeguard organizations against future threats.
Certifications
Stop guessing. Start training.
The path is here. The tools are real. The community is in.
Frequently Asked Questions
Question 1: What's the difference between the SOC Analyst Course and the Forge?
The SOC Analyst Course ($499, one time) is buying a textbook. You own it forever. Study at your own pace. You’re on your own.
The Forge ($99/month or $999/year) is like enrolling in a self-paced school. The same textbook is part of the curriculum (one video a day for 90 days), plus a practice lab, classmates, a teacher you can talk to every Sunday, monthly competitions, and an advanced textbook waiting after you finish the first.
Different things. Same starting material. Pick based on whether you want to own a textbook or attend a self-paced school.
Question 2: What if I fall behind?
That’s totally normal this isn’t a race.
The SOC Accelerator content unlocks one day at a time to help you build momentum without burnout. Whether it takes 90 or 180 days, the goal is consistent action not speed.
Question 3: Is this beginner-friendly?
Yes and no. This community is built to help you build blue team skills specifically SOC analyst skills through practical, hands-on experience. The expectation is that you already have some foundational knowledge in IT, networking, and cybersecurity. Think of this space as the bridge between theory and real-world application. If you've been learning the theory, this is your next step.
Question 4: What happens after the 90 days?
The SOC Accelerator runs for 90 days, but the journey doesn’t end there. There is a SOC simulator, a Forge Senior track, DFIR course, and many more. You can choose to continue your subscription or not, but if you’ve followed the tracker and put in the work, you’ll at least walk away with skills many are still missing in the field.
Question 5: Do I need a cybersecurity or IT background?
Ideally, yes at least a basic understanding of IT, networking, and security concepts. This is a SOC-focused community, so the discussions, labs, and projects can get technical quickly. You don’t need to be an expert just willing to learn and put in the effort.
Question 6: Are there any live calls or is it all self-paced?
Most of the content is self-paced, but there are meetings every week for different purposes. I also host a weekly Mentorship Monday AMA you can drop questions in advance and I’ll respond with a video or post.
Youtube
Instagram
X
LinkedIn