nazar1242/soc-analyst-lab-reports

# Cybersecurity & SOC Analyst Lab Reports

Welcome to my cybersecurity portfolio. This repository serves as a centralized documentation hub for my practical laboratory works, security audits, and hands-on vulnerability assessments. The focus here is on Blue Team operations, risk management, and incident response analysis.

## Portfolio Structure

### 1. Risk & Vulnerability Assessment

* [NIST SP 800-30 Risk Assessment: Marketing Database](./vulnerability-assessments/marketing-db-report.md) — A comprehensive risk assessment of a core MySQL infrastructure using the NIST framework.

### 2. Incident Response (IR)

* [Incident Final Report: E-Commerce Data Breach (IDOR)](./incident-response/ecommerce-breach-report.md) — A formal post-incident report detailing the forensic investigation, containment, and remediation of a forced browsing / IDOR attack.

### 3. Industry Certifications & Academic Labs (Coming Soon)

* *Google Cybersecurity Professional Certificate Hands-on Labs*
* *Cisco Networking Academy Practical Tasks*

## Frameworks, Standards & Concepts Used

- **NIST SP 800-30 Rev. 1** (Risk Assessment Guide for Information Security Systems)
- **OWASP Top 10** (Specifically IDOR / Insecure Direct Object Reference mitigation)
- **AAA Framework** (Authentication, Authorization, Auditing)
- **Incident Response Lifecycle** (Detection, Analysis, Containment, Eradication, Recovery)
- **Principle of Least Privilege** & Role-Based Access Control (RBAC)