This Detection Lab is a personal learning environment for gaining hands-on experience with cybersecurity detection techniques. Working through simulated attack scenarios and realistic detection challenges deepens one's understanding of security concepts, tools, and methodologies.
- Advanced understanding of SIEM deployment concepts and their practical application in a test environment.
- How to ingest, organize, search and analyze logs in a SIEM.
- Creation of detection logic from logs ingested into the SIEM.
- Ability to ingest log data and recognize attack signatures and patterns.
- Enhanced knowledge of network protocols and security vulnerabilities.
- Development of critical thinking and problem-solving skills by working through practical scenarios.
- Wazuh as the Security Information and Event Management (SIEM) system for log ingestion and analysis.
- Wazuh agent (EDR) for collecting endpoint telemetry and ingesting logs from hosts in the test environment.
- PowerShell for deploying the agents on endpoints and servers.
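The following PowerShell script is an added example of the agent deployment step above; it is not the lab's own script. It performs an unattended install of the Wazuh Windows agent MSI, points it at the manager, appends the Windows event channels the lab wants in the SIEM to `ossec.conf`, and starts the service. The manager address `10.0.0.10`, the agent group `windows-lab`, the MSI version in the URL and the expected SHA-256 value are assumptions to be replaced with the lab's own values; the MSI property names (`WAZUH_MANAGER`, `WAZUH_REGISTRATION_SERVER`, `WAZUH_AGENT_GROUP`, `WAZUH_AGENT_NAME`), the `WazuhSvc` service name and the `<localfile>`/`eventchannel` syntax are Wazuh's documented ones.

```powershell
#Requires -RunAsAdministrator
# Added example (not the project's own script): unattended Wazuh agent deployment on a Windows host.
# Assumed values (not from the original page): manager IP, agent group, MSI version and checksum.
param(
    [string]$ManagerIp      = '10.0.0.10',          # assumed lab manager address
    [string]$AgentGroup     = 'windows-lab',        # assumed group; must already exist on the manager
    [string]$AgentName      = $env:COMPUTERNAME,
    [string]$MsiUrl         = 'https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.2-1.msi',
    [string]$ExpectedSha256 = ''                    # fill from the vendor checksum list before use
)

$ErrorActionPreference = 'Stop'
$msi      = Join-Path $env:TEMP 'wazuh-agent.msi'
$agentDir = 'C:\Program Files (x86)\ossec-agent'   # default install path of the Windows agent
$conf     = Join-Path $agentDir 'ossec.conf'
$log      = Join-Path $agentDir 'ossec.log'

# 1. Download the installer and verify its hash. Running an unverified MSI as SYSTEM on every
#    endpoint is exactly the kind of supply-chain shortcut a detection lab should not normalise.
Invoke-WebRequest -Uri $MsiUrl -OutFile $msi
$actual = (Get-FileHash -Path $msi -Algorithm SHA256).Hash
if ([string]::IsNullOrEmpty($ExpectedSha256)) {
    Write-Warning "No expected hash supplied; downloaded MSI SHA256 is $actual"
} elseif ($actual -ne $ExpectedSha256) {
    throw "MSI hash mismatch: got $actual, expected $ExpectedSha256"
}

# 2. Silent install. The MSI properties configure the manager address, the enrollment
#    (registration) server, and the group/name used at enrollment time.
$msiArgs = @(
    '/i', "`"$msi`"", '/q',
    "WAZUH_MANAGER=`"$ManagerIp`"",
    "WAZUH_REGISTRATION_SERVER=`"$ManagerIp`"",
    "WAZUH_AGENT_GROUP=`"$AgentGroup`"",
    "WAZUH_AGENT_NAME=`"$AgentName`""
)
$proc = Start-Process -FilePath 'msiexec.exe' -ArgumentList $msiArgs -Wait -PassThru
if ($proc.ExitCode -ne 0) { throw "msiexec failed with exit code $($proc.ExitCode)" }

# 3. Turn on PowerShell Script Block Logging so the PowerShell/Operational channel actually
#    carries event 4104 (the script content an attacker ran), then tell the agent to ship it.
$sbl = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
New-Item -Path $sbl -Force | Out-Null
Set-ItemProperty -Path $sbl -Name 'EnableScriptBlockLogging' -Value 1 -Type DWord

# Wazuh accepts several <ossec_config> blocks in one ossec.conf, so appending a new block
# adds channels without touching the defaults the installer wrote.
$channels = @(
    'Microsoft-Windows-Sysmon/Operational',          # needs Sysmon installed separately
    'Microsoft-Windows-PowerShell/Operational',      # 4104 Script Block Logging events
    'Microsoft-Windows-Windows Defender/Operational'
)
$localfiles = $channels | ForEach-Object {
    "  <localfile>`n    <location>$_</location>`n    <log_format>eventchannel</log_format>`n  </localfile>"
}
$block = "`n<ossec_config>`n" + ($localfiles -join "`n") + "`n</ossec_config>`n"
Add-Content -Path $conf -Value $block -Encoding Ascii   # content is pure ASCII, so no BOM issues

# 4. Start the agent and confirm it enrolled and connected, rather than assuming success.
Start-Service -Name 'WazuhSvc'
Start-Sleep -Seconds 15
$svc = Get-Service -Name 'WazuhSvc'
if ($svc.Status -ne 'Running') { throw "WazuhSvc is $($svc.Status), not Running" }
if (Select-String -Path $log -Pattern 'Connected to the server' -Quiet) {
    Write-Host "Agent '$AgentName' connected to manager $ManagerIp"
} else {
    Write-Warning "No 'Connected to the server' line in ossec.log yet; check $log and the manager's enrollment logs"
}
```

Run it once per host from an elevated PowerShell session (or push it through a GPO startup script or your lab's orchestration); the agent then appears under the chosen group on the manager, and the Sysmon and PowerShell channels arrive with the `win.eventdata` fields that detection rules key on.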
Will update soon
Ref 1: Network Diagram