Lab

Alert Triage Simulator

Practice SOC alert triage under pressure. Learn to spot real threats in a sea of noise.

Client-side | Procedural alerts

How it works

  • Security alerts appear one at a time
  • Read the alert, expand context if needed
  • Choose: Escalate, Investigate, Dismiss, or Tune
  • Get immediate feedback and learn from each decision

Keyboard shortcuts

  • 1 or E: Escalate
  • 2 or I: Investigate
  • 3 or D: Dismiss
  • 4 or T: Tune
  • C: Toggle context
  • Enter: Continue

Action Reference

  • Escalate: Real threat requiring immediate response. Page the IR team.
  • Investigate: Needs more context. Safe choice when uncertain.
  • Dismiss: False positive. Close without action.
  • Tune Out: Known-benign pattern. Suppress future alerts like this.