Local AI-powered security incident triage. Connect it to your SIEM, point it at a local Ollama model, and get instant analysis on every alert — nothing leaves your machine.
Updated Apr 13, 2026 - HTML
Advanced SOC threat detection lab using Elastic SIEM, Sysmon, and Kali Linux. Simulated real attacks including Nmap reconnaissance, Hydra brute force, and SMB vulnerability scanning. Built 5 custom KQL detection rules generating 213 live alerts with Kibana dashboards for threat visualization.
SOC Lab 14 — Threat Hunting in Kibana | Performing threat hunting queries in Elastic Discover to identify anomalous host behavior
SOC Lab 13 — Elastic Attack Simulation & Alerting | Simulating SSH brute force attacks and analyzing detection gaps in Elastic SIEM
SOC Lab 11 — Elastic SIEM Setup | Deploying Elastic Security and ingesting logs from Kali Linux via Elastic Agent
SOC Internship project at Elevance Skills
SOC Lab 12 — Elastic Detection Rules | Configuring and deploying SIEM detection rules in Elastic Security
Hands-on cybersecurity labs focused on penetration testing, attack simulation, and real-world exploitation techniques.
SOC Lab 20 — GRC: Policy and Technical Enforcement | Writing a security policy and demonstrating technical enforcement using Elastic SIEM and Linux system controls
My first hands-on Intel 471 threat hunting workshop experience investigating CVE-2023-46604 using Elastic SIEM, vulnerability intelligence, and post-exploitation detection.
SSH detection gap remediation — installed rsyslog, enabled ForwardToSyslog on Kali Linux, confirmed auth.log ingestion into Elastic SIEM, and validated end-to-end SSH brute force alerting with 31 alerts fired
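The SSH brute force detection that the Lab 13 and remediation entries above describe, as an added example that is not code from any of the listed repositories: it parses the sshd lines rsyslog writes to /var/log/auth.log (which only exist once journald's ForwardToSyslog is on, the gap the remediation entry closes), counts failures per source IP in a sliding window, and raises a second alert if a source that tripped the rule then authenticates successfully. The sample log lines, the threshold of 5 failures in 60 seconds, and the year used to complete syslog timestamps are all assumptions made for this example, not the labs' rule settings.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample of the syslog-format lines rsyslog writes to /var/log/auth.log
# on a Debian-based host such as Kali once ForwardToSyslog=yes is set in journald.conf.
# These lines are made up for this example; they are not from any repository above.
SAMPLE_AUTH_LOG = """\
Apr 13 10:00:01 kali sshd[1201]: Failed password for invalid user admin from 192.168.56.20 port 40110 ssh2
Apr 13 10:00:02 kali sshd[1203]: Failed password for root from 192.168.56.20 port 40112 ssh2
Apr 13 10:00:03 kali sshd[1205]: Failed password for root from 192.168.56.20 port 40114 ssh2
Apr 13 10:00:04 kali sshd[1207]: Failed password for root from 192.168.56.20 port 40116 ssh2
Apr 13 10:00:05 kali sshd[1209]: Failed password for root from 192.168.56.20 port 40118 ssh2
Apr 13 10:00:06 kali sshd[1211]: Accepted password for kali from 192.168.56.20 port 40120 ssh2
Apr 13 10:00:30 kali sshd[1213]: Failed password for kali from 10.0.0.7 port 51000 ssh2
Apr 13 10:05:00 kali sshd[1215]: Failed password for kali from 10.0.0.7 port 51002 ssh2
Apr 13 10:10:00 kali sshd[1217]: Failed password for kali from 10.0.0.7 port 51004 ssh2
"""

# Syslog timestamps carry no year; this value is an assumption for the example.
ASSUMED_YEAR = 2026

_TS = r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
FAILED_RE = re.compile(
    _TS + r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)
ACCEPTED_RE = re.compile(
    _TS + r"Accepted \S+ for (?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_ts(ts: str, year: int = ASSUMED_YEAR) -> datetime:
    """Turn a 'Mon DD HH:MM:SS' syslog timestamp into a datetime."""
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


def detect_ssh_bruteforce(log_text: str, threshold: int = 5, window_seconds: int = 60) -> list:
    """Return one 'ssh_bruteforce' alert per source IP that reaches `threshold`
    failed logins inside any `window_seconds` sliding window, plus an
    'ssh_bruteforce_success' alert if that IP later logs in successfully.

    Lines are assumed to be in chronological order, as auth.log is."""
    recent = defaultdict(deque)  # source ip -> deque of (timestamp, user) inside the window
    alerted = set()              # ips that already produced a brute force alert
    alerts = []
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            ts, ip = parse_ts(m["ts"]), m["ip"]
            q = recent[ip]
            q.append((ts, m["user"]))
            # Slide the window: drop failures older than window_seconds before this one.
            while q and (ts - q[0][0]).total_seconds() > window_seconds:
                q.popleft()
            if len(q) >= threshold and ip not in alerted:
                alerted.add(ip)
                alerts.append({
                    "rule": "ssh_bruteforce",
                    "source_ip": ip,
                    "failures": len(q),
                    "users": sorted({u for _, u in q}),
                    "first_seen": q[0][0].isoformat(),
                    "last_seen": ts.isoformat(),
                })
            continue
        m = ACCEPTED_RE.match(line)
        # A successful login from a source that was already brute forcing is the
        # higher-severity signal: the guessing may have worked.
        if m and m["ip"] in alerted:
            alerts.append({
                "rule": "ssh_bruteforce_success",
                "source_ip": m["ip"],
                "user": m["user"],
                "seen": parse_ts(m["ts"]).isoformat(),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_ssh_bruteforce(SAMPLE_AUTH_LOG):
        print(alert)
```

With the defaults, 192.168.56.20 trips the rule on its fifth failure and again on the following successful login, while 10.0.0.7's three failures spread over ten minutes never share a 60-second window; loosening the rule to 3 failures in 600 seconds catches the slow source too, which is the trade-off a detection rule's threshold and window encode.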