This project aims to help the Cybersecurity community understand how to use Splunk Enterprise tool to in reviewing logs and using the log ingestion for analysis and investigation.

Hands-on SOC labs showcasing SIEM analysis, threat detection, and incident investigation using Wazuh and Splunk

Splunk SIEM SOC monitoring lab for cyber threat detection, dashboard development, automated alerts, and security incident investigation.

SOC Analyst portfolio project demonstrating deployment and operation of a Wazuh SIEM home lab, including alert monitoring, incident investigation, MITRE ATT&CK mapping, false-positive analysis, and active response automation across Linux and Windows endpoints.

A collection of practical SOC and cybersecurity analyst labs focused on security event investigation, SIEM detection logic, incident response playbooks, vulnerability management workflows, and security operations documentation. Built to demonstrate real-world blue team skills and continuous learning.

This project showcases my 30-Day SOC Challenge, a hands-on journey to build core blue team skills. It includes daily labs on log analysis, incident response, threat hunting, malware investigation, and SIEM/EDR use cases using Splunk, Wazuh, and Suricata all based on real-world attack simulations with open-source tools.

SOC L1 SIEM lab using Splunk for detection, investigation, and incident response

Hands on SOC investigation labs including phishing detection, SIEM analysis, and firewall incident investigations.

An integrated SOC monitoring lab combining availability monitoring, SIEM, network analysis, and incident investigation.

SOC analyst lab investigations including SIEM alerts, incident response, and threat analysis

Cybersecurity and SOC analyst lab portfolio showcasing SIEM investigations and incident analysis

Hands-on SOC lab using Splunk SIEM for log analysis, threat detection, and incident investigation.

SOC Level 1 labs from TryHackMe — SIEM investigations, log analysis, and incident response.

SOC Analyst portfolio featuring Microsoft Sentinel SIEM lab, alert triage, incident investigation, and security monitoring projects.

SIEM lab project analyzing security alerts and investigating potential incidents using SOC analyst workflow.

Hands-on Elastic SIEM labs focused on SOC analyst skills, detection engineering, alert triage, and incident investigation.

SOC analyst learning portfolio documenting TryHackMe labs, SIEM investigations, threat hunting, and incident response exercises.

SOC Home Lab simulating multi-endpoint attacks with Wazuh SIEM for threat detection, log analysis, and incident investigation.

Hands-on SOC analyst labs documenting alert analysis, log investigation, and incident triage using TryHackMe and SIEM-based workflows.

Hands-on SOC labs: Linux log analysis, SSH brute-force detection, and SIEM-style incident investigations.

Blue Team / SOC Analyst portfolio. Home lab, incident investigations, SIEM use cases, detection engineering and forensic notes.

Cybersecurity portfolio containing SOC labs, SIEM detection engineering, incident response investigations, phishing analysis, and vulnerability assessment projects.

SOC threat detection lab demonstrating SIEM log monitoring, attack simulation, network traffic analysis, and incident investigation using Wazuh, Splunk, and Wireshark.

Splunk SIEM SOC lab project demonstrating real-time log monitoring, threat detection, and incident investigation using simulated security logs and custom SPL queries.

SOC Level 1 SIEM lab using Wazuh. Includes SIEM deployment, log ingestion from Linux & Windows, custom detection rule for repeated sudo failures, alert investigation workflow, and incident escalation report.

A collection of cybersecurity analyst projects including SIEM monitoring, incident detection, threat analysis, vulnerability scanning, and SOC home lab investigations.

SOC Analyst portfolio showcasing incident investigations, PCAP analysis, SIEM queries, threat hunting, and blue team case studies (BTLO simulated labs).

SOC Monitoring & Threat Detection Lab using Splunk SIEM to detect brute-force and password spraying attacks through Windows log analysis and incident investigation workflows.

Hands-on SOC analyst lab showcasing incident response, threat detection, SIEM investigations, and security hardening with a focus on healthcare environments.

Practical SOC Level 1 portfolio based on TryHackMe labs, covering alert triage, log analysis, phishing investigations, SIEM workflows, and incident response using real-world SOC scenarios.