Found 176 repositories (showing 30)
matthansen0
End-to-end Azure edge security lab: Front Door Premium with WAF, dual-region Container Apps failover, Microsoft Sentinel, SOC automation, and Azure Workbooks. One-click deploy with Bicep + azd.
No description available
fizahmad
Cloud-based SOC lab built in Azure using Microsoft Sentinel, KQL, and Logic Apps to simulate attacks, detect threats, and automate incident response.
Amir-Fadelelsaid
I built a cloud-based cybersecurity lab in Azure using Microsoft Sentinel to detect and analyze threats. It includes VMs, security logs, KQL queries, and GeoIP mapping. The lab simulates real-world attacks like brute-force attempts, helping me practice SOC skills, automate security tasks, and improve threat detection.
hVie1314
Azure Sentinel Honeypot SOC Lab
Microsoft Sentinel based Enterprise SOC Lab
kenneth-nnadi
SOC TRAINING LAB USING MICROSOFT SENTINEL CLOUD SIEM
cs-cognitome
Cloud-based SOC Lab with Microsoft Azure and Sentinel
YxHus
Microsoft Sentinel lab detecting brute-force logins with custom KQL rules; includes setup notes, screenshots, and incident workflow.
Arkha-Corvus
Home SOC Lab with Microsoft Sentinel for SIEM & Threat Detection
syedmustafa22
Built a home SOC using Microsoft Sentinel and Azure to detect real-world attacks.
lenoshz
A hands-on SOC lab featuring Azure Sentinel SIEM with custom KQL detection rules, Logic Apps automation, threat intelligence integration, and MITRE ATT&CK mapping
Aswath20000
End-to-end SOC automation project that detects brute-force login attacks with Microsoft Sentinel and automatically blocks malicious IPs using Azure Logic Apps and Network Security Groups.
Amadoundiay
No description available
Jaysolex
Cloud SOC detection lab using Microsoft Sentinel, Cowrie SSH honeypot, Active Directory monitoring, and DeepBlueCLI threat analysis.
Deployed a cloud-based SIEM in Azure using Microsoft Sentinel with a honeynet of vulnerable VMs to attract, capture, and analyze live attacks; configured detection rules and automated incident response playbooks with Logic Apps. — In progress
Ziad-Abdelhady
Simulated Home SOC Lab using Azure Sentinel for threat detection and log analysis
No description available
EsoCloudKing
This is a project about a threat detection and response system in the cloud.
Manaswiniiii
Azure Entra ID SOC Lab – Microsoft Sentinel, IAM log analysis, KQL detections, and incident response simulation
Built a cloud-based SOC home lab using Microsoft Azure and Microsoft Sentinel to detect, analyse, and visualise real-world brute-force attacks against a Windows virtual machine using SecurityEvent logs, KQL queries, GeoIP enrichment, and Sentinel workbooks.
DrewShedd
Azure SOC home lab simulating a brute force + post-exploitation attack chain with detection and incident response using Microsoft Sentinel, Log Analytics, and KQL
cyberlandji
Tactical Blue Team campaign conducted within Sentinel SOC Lab. This operation simulates controlled reconnaissance and attack scenarios against soc-core, validating Snort detection capabilities, log integrity, and early-stage correlation workflows. Objective: Establish reliable detection foundations before SIEM integration.
🛡 Microsoft Sentinel Security Automation Project: A hands-on cybersecurity lab simulating brute-force attack detection and automated response using Microsoft Sentinel. The project includes custom KQL analytics, entity mapping, incident auto-resolution, and ownership assignment, replicating real-world SOC analyst workflows.
This project demonstrates a small SOC lab built in Azure using Microsoft Sentinel to detect brute-force activity and automate incident response using Automation Rules and Azure Logic Apps. The goal is to move from raw Windows Security Events → structured incidents → automated response.
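Several of the labs listed above (brute-force detection with custom KQL rules, SecurityEvent logs, GeoIP enrichment, and automated blocking of the offending IP) share the same core analytics-rule query. The following is an added example of that query, written here as an illustration; it is not taken from any of the repositories in this listing. It assumes the standard Microsoft Sentinel `SecurityEvent` table populated by the Windows Security Events connector, and the threshold and window values are tuning assumptions, not values any listed lab uses.

```kql
// Added example (not from any listed repository): Sentinel analytics-rule query for
// Windows brute-force logons. Assumes the SecurityEvent table from the Windows
// Security Events data connector.
let threshold = 10;   // failed logons from one source IP before alerting (assumed tuning value)
let window = 10m;     // aggregation window (assumed tuning value)
SecurityEvent
| where TimeGenerated > ago(1h)
| where EventID == 4625                              // "An account failed to log on"
| where isnotempty(IpAddress) and IpAddress != "-"   // console/local failures carry no usable source IP
| summarize FailedAttempts = count(),
            TargetAccounts = make_set(TargetUserName, 20),   // which accounts were sprayed
            LogonTypes = make_set(LogonType, 5),             // 3 = network, 10 = RDP
            FirstAttempt = min(TimeGenerated),
            LastAttempt = max(TimeGenerated)
    by IpAddress, Computer, bin(TimeGenerated, window)
| where FailedAttempts >= threshold
// Built-in Kusto GeoIP enrichment; no external lookup table or watchlist needed.
| extend Geo = geo_info_from_ip_address(IpAddress)
| extend Country = tostring(Geo.country), City = tostring(Geo.city)
| project-away Geo
| order by FailedAttempts desc
```

When this is saved as a scheduled rule, map the `IpAddress` column to the IP entity and `Computer` to the Host entity; the IP entity is what an automation rule hands to a Logic App playbook that adds a deny rule to the VM's Network Security Group. Two caveats a practitioner should keep in mind: the `IpAddress != "-"` filter matters because many 4625 events on an Azure VM have no source IP and would otherwise collapse into one noisy group, and a threshold of 10 in 10 minutes will fire constantly on an internet-exposed RDP honeypot, which is the point of the honeypot labs but not of a production rule.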
Amit29533
A hands-on **Security Operations Center (SOC)** lab designed to simulate real-world threat detection, monitoring, and incident response workflows. This project showcases the integration of multiple security tools like **Suricata, Splunk, Azure Sentinel, Wireshark, and Wazuh** to build a detection and response pipeline.
bnmou
This project demonstrates the setup of a basic Security Operations Center (SOC) in Azure using a free Azure subscription. The lab includes deploying a virtual machine (VM) as a honeypot, forwarding logs to a central repository, and integrating Microsoft Sentinel to analyze real-world attack data.
TheCyberFairy
This lab demonstrates how I used Microsoft Sentinel's Workbook feature to build interactive visualizations from real-time log data. As a beginner in cybersecurity with SOC analyst goals, my focus was to turn raw KQL queries into clear dashboards that provide insight into authentication events, device behavior, and network activity.
eliarns
Microsoft Sentinel SOC Automation Lab
InnocentSADO
SOC Lab — VirtualBox + Microsoft Sentinel