SOC Analyst Training (5.3): Web Attack Detection - Access Control & File Inclusion (IDOR, RFI/LFI)

Welcome back to the Let’s Defend SOC Analyst Learning Path series!

In this third installment of Detecting Web Attacks, we’re tackling two major web vulnerabilities that every SOC Analyst should understand:
Insecure Direct Object Reference (IDOR): Learn how to detect and investigate access control vulnerabilities that let attackers manipulate sensitive data.
Remote & Local File Inclusion (RFI & LFI): Dive into spotting and preventing file injection attacks that can lead to remote code execution.

This is a follow-along channel where I share my learning journey in cybersecurity. Join me as I work through labs, analyze web attack patterns, and sharpen skills step-by-step. We’re learning together, so grab a notebook, hit play, and let’s figure this out!

Missed earlier parts? Check out the full playlist for Part 1 (SQLi, OWASP, & more) and Part 2 (XSS & Command Injection) to catch up on the basics and build your web attack detection skills.

Timestamps:
00:00 - Welcome to the Let’s Defend SOC Analyst Series!
00:24 - What is IDOR? Detecting Insecure Direct Object Reference Attacks
07:41 - IDOR Lab: Step-by-Step Vulnerability Investigation
11:03 - RFI & LFI Explained: Detecting Remote & Local File Inclusion Attacks
15:21 - RFI & LFI Lab: Hands-On Web Attack Detection

#LetsDefend #SOCAnalyst #CybersecurityTraining #WebAttackDetection #IDOR #RFI #LFI #ThreatDetection