Junior SOC Analyst Struggles with Impostor Syndrome and Seeks Learning Resources for Network Anomaly Analysis

A junior SOC analyst with 1.5 years of experience shares their struggle with impostor syndrome and difficulties in analyzing network traffic within the SIEM. They describe a specific case where a company's Domain Controller initiated over 1,100 connections to other servers in under a second at 3:30 AM on port 445, with 0-byte payloads. The analyst feels overwhelmed by these anomalies and requests recommendations for learning materials to better understand such situations.