In this help article, we want to provide you with more information about CJDE (Certified Junior Detection Engineer) so you can make an informed decision on whether our training and certification is the right investment for your career.
What is CJDE?
Certified Junior Detection Engineer (CJDE) is our entry-level practical cybersecurity training course and certification exam. Primarily designed for SOC Analysts and those transitioning into detection engineering, CJDE bridges the gap between security fundamentals and advanced threat detection skills.
Detection engineering is no longer a "nice to have"—it's a core skill for SOC teams. Analysts are expected to not just monitor alerts, but actually understand how detections are built, tuned, and improved. CJDE addresses this need head-on with hands-on labs and applied practice, helping learners create effective detections from day one.
The certification covers the following domains:
- Threat Intelligence Integration – Learn how to incorporate threat data into detection workflows and understand the differences between operational, tactical, and strategic intelligence.
- Detection Rule Creation & Tuning – Master the fundamentals of building and refining SIEM detection rules to maximize detection accuracy while minimizing false positives.
- Yara & Sigma Essentials – Understand industry-standard detection languages and how to use them in investigations and playbooks.
- Zeek Essentials – Learn network-level threat detection using Zeek (formerly Bro) for analyzing network traffic and identifying malicious activity.
- SIEM Platforms – Gain hands-on experience with multiple SIEM tools including Splunk, Elastic, and Graylog to understand how each platform approaches detection management.
- Network & Endpoint Analysis – Develop practical skills in analyzing both network traffic and endpoint data for threat detection purposes.
- Linux, Windows, and Python Basics – Build foundational technical skills needed to write and automate detection rules effectively.
When purchasing CJDE, you will receive:
- 4 months of access to on-demand CJDE training materials (written lessons, videos, quizzes, hands-on activities, and labs)
- 120 hours of hands-on lab environments across multiple SIEM platforms
- 2 exam attempts that must be used within 12 months of starting
- (When certified) Physical rewards gift including a printed certificate, sticker, and challenge coin
- (When certified) Digital rewards gift including a Credly digital badge, digital certificate, and Blue Team Labs Online badge and title
- Estimated completion time: ~40 hours of focused study
Who is CJDE for?
- Junior SOC Analysts or Detection Analysts ready to strengthen their detection engineering skills and move toward more advanced roles
- Detection Engineers or SIEM Administrators looking for practical, hands-on experience in rule creation and tuning across multiple platforms
- Cybersecurity Students or Career Changers aiming to break into detection engineering with a recognized certification and practical experience
- Managers and Team Leaders looking to upskill their analysts in threat detection and SIEM operations at scale
How can CJDE provide value to me?
CJDE provides clients with an interactive and hands-on training course where you'll be using real-world tools in simulated environments called labs. This allows you to gain near real-life experience without already working in a SOC.
Unlike theory-based certifications, CJDE focuses on applied skills. You'll create actual detection rules, analyze real threat data, and solve practical problems you'll encounter in a detection engineering role. Many clients have told us that recruiters are very impressed when candidates discuss the specific detection rules and labs they've built during the interview stage.
Why hands-on labs matter: Detection engineering requires practice. You can't learn to tune rules or integrate threat intelligence from a lecture alone. CJDE's 120 hours of lab work ensures you develop muscle memory and confidence in these critical skills before you encounter them in production environments.
How does CJDE compare to our other certifications?
| Certification | Focus | Best For |
|---|---|---|
| CJDE | Detection engineering and SIEM expertise | Specialising in detection rule creation, tuning, and analysis |
| BTL1 | Broad junior SOC skills (IR, forensics, SIEM, phishing, threat intel) | A general blue team foundation |
| BTL2 | Advanced SOC and analyst skills | Experienced analysts following on from BTL1 |
| CSOM | Security operations management and leadership | Moving into SOC management or leadership roles |
Bottom line:
- Choose CJDE if detection engineering and SIEM expertise are your primary goals
- Choose BTL1 for a broad blue team foundation
- Choose BTL2 if you've completed BTL1 and want to step up
- Choose CSOM if you're moving toward security operations leadership
Student Success Stories
We have a community of CJDE students who are actively discussing their experiences. To hear from real students and understand what they liked (and didn't like) about CJDE, we recommend:
- Searching LinkedIn for "#CJDE" (including the quotes), filtering by Posts, then the last 30 days. This shows real-time feedback from people who've taken the course.
- Visiting our main CJDE page to read student testimonials and success stories.
- Checking Reddit communities like r/cybersecurity and r/SecurityAnalysis for discussions about CJDE and detection engineering certifications.
- Join our Discord community CJDE Channel for active discussions and feedback on the course. Our staff is actively taking feedback to ensure our students experience is well kept.
Prerequisites
CJDE is designed for those with 1 to 3 years of cybersecurity experience, though it's accessible to motivated learners with a baseline understanding of SOC workflows, security fundamentals, or basic networking.
That said, CJDE moves at a good pace. If you're completely new to cybersecurity, you may want to start with our free foundational courses first to build context.
Still need help?
Submit a support ticket and our team will be happy to help.