Abdelkader Ounnoughi
Objectives:
Utilize SIEM tools for effective real-time monitoring and alerting.
Analyze and interpret logs to extract meaningful insights.
Document incident detection and response processes.
Tools Used:
SIEM: Splunk
Process:
Set up and configured Splunk for log collection and analysis.
Monitored various logs to identify security events and potential threats.
Analyzed and interpreted log data to generate insights and identify patterns.
Documented the processes and methodologies for incident detection and response.
Participated in the challenge to test and enhance incident response skills in a competitive environment.
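The monitoring and log-analysis steps above do not show what a detection actually looks like, so here is an added example that is not part of the original write-up and is not Splunk's or the author's code. It re-implements in Python the kind of threshold rule a SIEM evaluates on a schedule: count failed SSH logins per source address inside a sliding window, raise a brute-force alert when the count reaches a threshold, and raise a higher-fidelity alert when a successful login follows a burst of failures from the same address. The log lines, host names, addresses, and the thresholds (5 failures in 5 minutes; 3 failures before a success) are constructed assumptions for the example.

```python
"""Added example: threshold-based SSH brute-force detection over syslog-style
auth lines. Not from the original page; sample data and thresholds are
constructed for illustration."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines in OpenSSH/syslog format (year omitted, as in
# real syslog). One CRON line is included to show non-matching lines are skipped.
SAMPLE_LOGS = """\
Mar 10 09:00:01 web01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51000 ssh2
Mar 10 09:00:04 web01 sshd[1203]: Failed password for invalid user test from 203.0.113.7 port 51001 ssh2
Mar 10 09:00:09 web01 sshd[1205]: Failed password for root from 203.0.113.7 port 51002 ssh2
Mar 10 09:00:15 web01 sshd[1207]: Failed password for invalid user oracle from 203.0.113.7 port 51003 ssh2
Mar 10 09:00:21 web01 sshd[1209]: Failed password for deploy from 203.0.113.7 port 51004 ssh2
Mar 10 09:00:30 web01 sshd[1211]: Failed password for deploy from 203.0.113.7 port 51005 ssh2
Mar 10 09:00:31 web01 CRON[1300]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 10 09:01:10 web01 sshd[1213]: Accepted password for deploy from 203.0.113.7 port 51006 ssh2
Mar 10 09:02:00 web01 sshd[1215]: Failed password for alice from 198.51.100.20 port 40001 ssh2
Mar 10 09:02:20 web01 sshd[1217]: Failed password for alice from 198.51.100.20 port 40002 ssh2
Mar 10 09:02:45 web01 sshd[1219]: Accepted password for alice from 198.51.100.20 port 40003 ssh2
Mar 10 09:03:00 web01 sshd[1221]: Accepted publickey for bob from 192.0.2.5 port 60000 ssh2
"""

# Timestamp, host, outcome (Failed/Accepted), user (with optional "invalid user"), source IP.
LOG_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) sshd\[\d+\]: (Failed|Accepted) "
    r"(?:password|publickey) for (?:invalid user )?(\S+) from (\d{1,3}(?:\.\d{1,3}){3})"
)


def parse_events(text):
    """Turn raw auth lines into sorted event dicts; lines from other daemons are dropped."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ts, host, outcome, user, ip = m.groups()
        events.append({
            "time": datetime.strptime(ts, "%b %d %H:%M:%S"),  # year defaults to 1900; fine for deltas
            "host": host, "outcome": outcome, "user": user, "src_ip": ip,
        })
    return sorted(events, key=lambda e: e["time"])


def detect(events, threshold=5, window=timedelta(minutes=5), success_after=3):
    """Sliding-window detection. Returns a list of alert dicts in time order.

    ssh_bruteforce: >= threshold failures from one src_ip within the window
                    (raised once per source).
    ssh_success_after_failures: an accepted login from a src_ip with >= success_after
                    failures in the preceding window (the high-fidelity signal).
    """
    alerts = []
    recent_failures = defaultdict(list)  # src_ip -> failure timestamps still inside the window
    bruteforce_alerted = set()
    for e in events:
        q = recent_failures[e["src_ip"]]
        while q and e["time"] - q[0] > window:  # expire failures older than the window
            q.pop(0)
        if e["outcome"] == "Failed":
            q.append(e["time"])
            if len(q) >= threshold and e["src_ip"] not in bruteforce_alerted:
                bruteforce_alerted.add(e["src_ip"])
                alerts.append({"rule": "ssh_bruteforce", "severity": "medium",
                               "src_ip": e["src_ip"], "host": e["host"],
                               "count": len(q), "first": q[0], "last": e["time"]})
        elif len(q) >= success_after:
            alerts.append({"rule": "ssh_success_after_failures", "severity": "high",
                           "src_ip": e["src_ip"], "host": e["host"], "user": e["user"],
                           "failures": len(q), "time": e["time"]})
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_events(SAMPLE_LOGS)):
        print(alert)
```

Only 203.0.113.7 trips both rules; 198.51.100.20 has two failures before its success, below the threshold, so it stays quiet. In a SIEM the same first rule is a scheduled search that buckets failed-login events into time spans and counts them per source address, with the alert firing on the `where count >= threshold` step; the success-after-failures rule is the one worth paging on, since a plain failure count is noisy against internet-facing hosts.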
Outcomes:
Improved real-time monitoring and alert management capabilities.
Enhanced ability to analyze and interpret log data for effective incident response.
Gained practical experience in a competitive SOC environment.