GitHub: cc505652/soc-detection-engineering
# SOC & Detection Engineering
A continuously evolving cybersecurity knowledge base focused on Security Operations (SOC), Detection Engineering, SIEM workflows, Threat Hunting, and Incident Response.
This repository documents my hands-on learning journey through:
- Cisco Cybersecurity Defense Analyst
- Splunk-based SOC workflows
- Detection engineering concepts
- Threat intelligence fundamentals
- MITRE ATT&CK mapping
- Incident response methodologies
- Security monitoring and alert triage
The goal of this repository is to build practical, operational cybersecurity understanding through structured documentation, technical notes, detections, workflows, and real-world security concepts.
# Current Focus
- Splunk SIEM fundamentals
- SOC analyst workflows
- Alert correlation and triage
- Detection engineering foundations
- Threat intelligence concepts
- MITRE ATT&CK techniques
- Incident lifecycle and escalation workflows
# Repository Structure
```text
soc-detection-engineering/
│
├── splunk/
│   ├── module-1-security-foundations.md
│   ├── module-2-risk-management.md
│   ├── module-3-siem-workflows.md
│   ├── splunk-spl-notes.md
│   └── alert-triage.md
│
└── README.md
```
New folders and domains will be added progressively as my learning expands into:
* Threat Hunting
* Detection Engineering
* Incident Response
* Cloud Security
* MITRE ATT&CK Mapping
* Sigma Rules
* Security Automation
# Learning Objectives
* Develop strong SOC analyst foundations
* Understand enterprise SIEM workflows
* Build detection engineering skills
* Learn alert investigation and incident triage
* Improve threat hunting methodology
* Strengthen operational security thinking
* Document practical cybersecurity workflows
# Tools & Technologies
* Splunk
* Wireshark
* Nmap
* Burp Suite
* MITRE ATT&CK
* Python
* Cisco Networking Academy Labs
# Ongoing Progress
This repository is continuously updated as I progress through:
* SOC learning paths
* Splunk workflows
* Detection engineering concepts
* Security simulations
* Threat intelligence research
* Cybersecurity projects
# Disclaimer
This repository is intended strictly for educational, defensive, and research purposes. All notes, workflows, and concepts are documented as part of cybersecurity learning and professional development.