this is a an AI-powered infrastructure solution to automate cybersecurity incident detection, response, and mitigation, enhancing organizational resilience against cyber threats: TSYP CS Challenge solution.
A comprehensive SOC Analyst project that includes detection rules, attack simulations, automated responses, and SIEM configuration.
Open Source SIEM with 1-Click Deploy to AWS
Splunk Material and Lab Instructions
Automated SIEM tool that detects and blocks malicious IP addresses in real-time using AbuseIPDB threat intelligence and Windows Firewall integration. Perfect for SOC analysts and security teams.
Real-time network packet capture and analysis using Moloch (Arkime), Wireshark, and Elastic Stack to detect anomalies, visualize patterns, and enhance cybersecurity.
Elastic Security information and event management Lab Project
Developed a custom SIEM solution using Splunk for Virtual Space Industries. As part of a team of three SOC analysts, monitored critical systems, detecting simulated cyberattacks like brute-force logins and SQL injections. Provided recommendations to enhance security posture, demonstrating expertise in security monitoring and incident response.
Add a description, image, and links to the security-information-and-event-management topic page so that developers can more easily learn about it.
To associate your repository with the security-information-and-event-management topic, visit your repo's landing page and select "manage topics."