This module aims to equip students with the skills necessary to detect, troubleshoot, and escalate security incidents through the effective analysis of security events. Students will learn to communicate with management, external parties, and technology owners during the escalation process. By the end of the module, students will understand the fundamentals of incident response, including planning for the detection of security alerts, analyzing those alerts, and managing escalation to the appropriate level. They will also learn how to carry out post-incident activities and understand the role of a Security Operations Center (SOC). Key topics covered include the stages of incident response (IR), the creation of IR policies and procedures, the use of security monitoring tools, and the responsibilities of security monitoring teams. Additionally, students will explore the importance of threat intelligence and the role of cyber threat hunting in enhancing threat detection capabilities. Through hands-on learning, students will engage in detecting potential security incidents, managing escalations, and completing post-incident activities such as updating threat intelligence and implementing preventative measures.