SOC Lab Project

Security Pipeline

A Windows-to-Splunk log monitoring pipeline designed for real-time threat detection and security analysis.

This hands-on SOC lab project demonstrates practical cybersecurity skills, including SIEM configuration, log analysis, threat detection, and incident response. It was built to simulate real-world security operations center workflows and to develop threat hunting capabilities.

Key Capabilities

Core security monitoring features

Real-time Log Analysis

Continuous monitoring and analysis of Windows event logs using Splunk for threat detection.

MITRE ATT&CK Mapping

Security events are mapped to the MITRE ATT&CK framework for standardized threat classification.

Incident Response

Automated alerting and incident response workflows for rapid threat mitigation.

Threat Detection

Custom detection rules and dashboards to identify potential security incidents.

Tech Stack

Technologies and frameworks used

  • Splunk: SIEM platform
  • Docker: containerization
  • Windows Server: log source
  • MITRE ATT&CK: threat framework

What I Learned

Key takeaways from this project

  • Built custom Splunk dashboards for security monitoring
  • Implemented log forwarding from Windows endpoints
  • Created detection rules based on MITRE ATT&CK techniques
  • Developed incident response playbooks
  • Practiced threat hunting and investigation techniques