tranabansal/cybersecurity-detection-engineering-portfolio
Cybersecurity Detection Engineering
## 🎯 Focus
Detection Engineering | SOC Analysis | Microsoft Sentinel | KQL | Sigma Rules
## 🛠️ Skills
- Microsoft Sentinel (KQL)
- Sigma Rules (SIEM detection logic)
- Windows Event Log analysis
- Threat Hunting methodology
- MITRE ATT&CK mapping
## 📁 Repository Structure
### Sigma Rules
Detection rules for:
- Phishing email execution
- Brute force attacks
- Suspicious PowerShell activity
- Lateral movement techniques
### KQL Queries
Microsoft Sentinel queries for SOC investigation and alerting.
### Threat Hunting
Hypothesis-driven investigations based on attacker behavior.
### Incident Response
Simulated SOC incident reports including timeline and mitigation steps.
## 🧨 Attack Flow Diagram
![Attack Flow Diagram](soc-attack-simiulation/Attack-Flow.png)
This diagram shows the full simulated attack chain, from the initial phishing email to potential system compromise.
## 🧠 Methodology
All detections are mapped to the MITRE ATT&CK framework and designed with:
- Detection logic
- False positive awareness
- SOC relevance
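As a worked example of this methodology (detection logic, false-positive handling, ATT&CK mapping), here is a brute-force detector written in Python for this page; it is an added example, not code from the repository. It runs the same logic a Sigma or KQL rule on Windows Event ID 4625 would express over a small set of constructed events, and escalates when a 4624 logon success follows the failure burst. The IP addresses, account names, threshold, window and allowlist are assumptions chosen for illustration.

```python
"""Brute-force detection over Windows Security events.

Added example, not code from the repository. Implements the logic a Sigma or
KQL brute-force rule expresses: many 4625 (logon failure) events from one
source IP within a short window, escalated when a 4624 (logon success) follows
them. Mapped to MITRE ATT&CK T1110 (Brute Force).
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5            # failures inside the window before alerting (assumed)
WINDOW = timedelta(minutes=5)  # sliding window (assumed)
# False-positive awareness: vulnerability scanners and monitoring hosts produce
# failure bursts by design, so they are allowlisted. Hypothetical address.
ALLOWLIST = {"10.0.0.250"}


def event(ts, event_id, account, ip):
    """Build a constructed event using field names from Sentinel's SecurityEvent table."""
    return {"TimeGenerated": ts, "EventID": event_id, "Account": account, "IpAddress": ip}


# Constructed sample telemetry, not real logs.
SAMPLE_EVENTS = (
    # 10.0.0.5: five failures in 40 seconds, then a success -> true positive
    [event(f"2024-01-01T10:00:{s:02d}", 4625, "administrator", "10.0.0.5") for s in (0, 10, 20, 30, 40)]
    + [event("2024-01-01T10:01:00", 4624, "administrator", "10.0.0.5")]
    # 10.0.0.250: allowlisted scanner, six failures -> suppressed
    + [event(f"2024-01-01T10:02:{s:02d}", 4625, "svc-scan", "10.0.0.250") for s in range(0, 60, 10)]
    # 10.0.0.7: three failures -> below threshold
    + [event(f"2024-01-01T10:03:{s:02d}", 4625, "jsmith", "10.0.0.7") for s in (0, 5, 10)]
    # 10.0.0.9: five failures spread over 40 minutes -> never five inside one window
    + [event(f"2024-01-01T10:{m:02d}:00", 4625, "jdoe", "10.0.0.9") for m in (0, 10, 20, 30, 40)]
)


def _alert(severity, ip, ts, count, accounts, description):
    return {
        "Severity": severity,
        "IpAddress": ip,
        "TimeGenerated": ts.isoformat(),
        "FailureCount": count,
        "Accounts": sorted(accounts),
        "Technique": "T1110",          # MITRE ATT&CK: Brute Force
        "Tactic": "Credential Access",
        "Description": description,
    }


def detect_bruteforce(events, threshold=FAIL_THRESHOLD, window=WINDOW, allowlist=ALLOWLIST):
    """Return alerts: one 'medium' per source IP that crosses the failure threshold,
    and one 'high' when a logon success follows a threshold-crossing burst."""
    alerts = []
    failures = defaultdict(deque)   # source IP -> timestamps of 4625s in the window
    accounts = defaultdict(set)     # source IP -> accounts targeted in the burst
    already_medium = set()          # one medium alert per source, not one per event

    for ev in sorted(events, key=lambda e: e["TimeGenerated"]):
        ip = ev["IpAddress"]
        if ip in allowlist:
            continue
        ts = datetime.fromisoformat(ev["TimeGenerated"])
        recent = failures[ip]
        # Drop failures that fell out of the sliding window.
        while recent and ts - recent[0] > window:
            recent.popleft()

        if ev["EventID"] == 4625:
            recent.append(ts)
            accounts[ip].add(ev["Account"])
            if len(recent) >= threshold and ip not in already_medium:
                already_medium.add(ip)
                alerts.append(_alert("medium", ip, ts, len(recent), accounts[ip],
                                     "Repeated logon failures from one source"))
        elif ev["EventID"] == 4624 and len(recent) >= threshold:
            alerts.append(_alert("high", ip, ts, len(recent), accounts[ip],
                                 "Logon success after failure burst (password likely guessed)"))
            recent.clear()          # do not re-alert on the same burst
            accounts[ip].clear()

    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce(SAMPLE_EVENTS):
        print(a["Severity"], a["IpAddress"], a["FailureCount"], a["Accounts"], a["Description"])
```

On the sample data only 10.0.0.5 fires: a medium alert on its fifth failure and a high alert when the success arrives. The scanner is suppressed by the allowlist, three failures stay below the threshold, and five failures spread over 40 minutes never coincide inside one window. Passing `allowlist=set()` shows the cost of dropping the exclusion: the scanner then raises a third alert.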
## 🎯 Goal
To demonstrate real-world SOC Tier 1 / Tier 2 readiness for Microsoft Sentinel environments.
## 📫 Contact
LinkedIn: https://www.linkedin.com/in/trana-bansal/
Email: tranabansal25@gmail.com