GitHub: ag48665/soc-analyst-portfolio
# SOC Analyst Portfolio
Portfolio showcasing hands-on cybersecurity investigations, detection engineering, threat hunting, and security monitoring.
## Skills
* Windows Event Log Analysis
* Sysmon
* Sigma Rules
* Threat Hunting
* Incident Response
* Detection Engineering
* MITRE ATT&CK
* Security Monitoring
## Home SOC Lab Projects
### Windows Event Investigation
* Successful Logon Analysis (Event ID 4624)
* Failed Logon Analysis (Event ID 4625)
### Sysmon Monitoring
* Sysmon Installation Verification
* Process Creation Monitoring
* PowerShell Execution Detection
### Detection Engineering
* Sigma Failed Logon Detection
## Environment
### Host Machine
* Dell Latitude 9410
* Windows 11
* 16 GB RAM
### Virtual Machine
* Windows 11 Enterprise Evaluation
* Oracle VirtualBox
## Learning Goals
* Windows Event Logs
* Sysmon
* Threat Hunting
* Detection Engineering
* Incident Response
## MITRE ATT&CK Techniques Covered
* T1059 – Command and Scripting Interpreter
* T1059.001 – PowerShell
* T1110 – Brute Force
## Repository Structure
```text
home-soc-lab/
├── windows-event-analysis.md
├── sysmon-installation.md
├── sysmon-process-creation.md
├── powershell-detection.md
├── sigma-failed-logon-detection.md
└── screenshots/
```