Cybersecurity · 2025-2026 · Featured

SIEM Research & Implementation - Graduation Project

For my graduation internship at ChipSoft, I conducted in-depth research into SIEM solutions to strengthen the organization's security monitoring capabilities. The project involved building a complete home lab environment with Active Directory, deploying Wazuh SIEM with agents on multiple hosts, and writing custom detection rules for MITRE ATT&CK tactics including Credential Access, Lateral Movement, Persistence, Privilege Escalation and Defense Evasion, together with automated threat response for the resulting alerts.

Technologies Used

Wazuh SIEM, Active Directory, Sysmon, MITRE ATT&CK, Security Monitoring, Automated Response, Threat Detection

Key Highlights

  • Researched and evaluated enterprise SIEM solutions
  • Built a complete Active Directory lab environment
  • Implemented Wazuh with Sysmon log collection
  • Created custom MITRE ATT&CK detection rules
  • Developed an automated threat response system
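To make the last three highlights concrete, here is an added, self-contained illustration of the same mechanics in Python. It is not the project's own rule set: Wazuh custom rules are XML (`<rule>`, `<field>`, `<mitre><id>`), and this script re-implements that matching so it can run offline. The field names follow what Wazuh's Windows eventchannel decoder emits for Sysmon (`win.system.eventID`, `win.eventdata.image`, `win.eventdata.targetImage`, and so on); the rule IDs, levels, response command names, hostnames and the sample events are constructed for the example.

```python
"""Sysmon detection logic with MITRE ATT&CK tags, modelled on Wazuh custom rules.

Added illustration, not the project's rules. Field names mirror Wazuh's Windows
eventchannel decoder output for Sysmon; rule IDs, levels, response names, hosts
and the SAMPLE_EVENTS below are made up for this example.
"""
import re
from dataclasses import dataclass


@dataclass
class Rule:
    id: int                 # custom Wazuh rules live in the 100000+ range
    level: int              # 0-15 as in Wazuh; 12+ is usually treated as critical
    description: str
    mitre: list             # ATT&CK technique IDs, what <mitre><id> carries in Wazuh
    conditions: dict        # decoded field -> regex; every entry must match
    response: str = None    # hypothetical active-response command, or None


RULES = [
    Rule(100010, 12, "Credential Access: LSASS opened by a process outside System32",
         ["T1003.001"],
         {"win.system.eventID": r"^10$",
          "win.eventdata.targetImage": r"\\lsass\.exe$",
          "win.eventdata.sourceImage": r"^(?!C:\\Windows\\System32\\)"},
         response="kill-process"),
    Rule(100020, 10, "Persistence: autorun value written under a Run key",
         ["T1547.001"],
         {"win.system.eventID": r"^13$",
          "win.eventdata.targetObject": r"\\CurrentVersion\\Run\\"}),
    Rule(100030, 12, "Defense Evasion: Defender real-time monitoring disabled",
         ["T1562.001"],
         {"win.system.eventID": r"^1$",
          "win.eventdata.commandLine": r"Set-MpPreference.*-DisableRealtimeMonitoring\s+\$?true"},
         response="isolate-host"),
    Rule(100040, 9, "Lateral Movement: PsExec service binary launched",
         ["T1021.002", "T1569.002"],
         {"win.system.eventID": r"^1$",
          "win.eventdata.image": r"\\PSEXESVC\.exe$"}),
]


def get_field(event, dotted):
    """Resolve a dotted path such as win.eventdata.image in a decoded event."""
    cur = event
    for part in dotted.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return str(cur)


def rule_matches(rule, event):
    """All conditions must hit; a missing field never matches, as in Wazuh."""
    for field_name, regex in rule.conditions.items():
        value = get_field(event, field_name)
        if value is None or not re.search(regex, value, re.IGNORECASE):
            return False
    return True


def match(event):
    """Return the highest-level matching rule, or None (one alert per event)."""
    hits = [r for r in RULES if rule_matches(r, event)]
    return max(hits, key=lambda r: r.level) if hits else None


def plan_response(event):
    """Automated response decision, mirroring a Wazuh <active-response> block that
    triggers on rule id. Returns the action to run, or None if only an alert is raised."""
    rule = match(event)
    if rule is None or rule.response is None:
        return None
    return {"command": rule.response, "rule_id": rule.id, "mitre": rule.mitre,
            "host": get_field(event, "win.system.computer") or "unknown"}


# Constructed Sysmon events in decoded shape (not real captures).
SAMPLE_EVENTS = [
    {"win": {"system": {"eventID": "10", "computer": "WS01.lab.local"},        # procdump on LSASS
             "eventdata": {"sourceImage": "C:\\Users\\alice\\Downloads\\procdump64.exe",
                           "targetImage": "C:\\Windows\\system32\\lsass.exe",
                           "grantedAccess": "0x1FFFFF"}}},
    {"win": {"system": {"eventID": "10", "computer": "WS01.lab.local"},        # benign svchost access
             "eventdata": {"sourceImage": "C:\\Windows\\System32\\svchost.exe",
                           "targetImage": "C:\\Windows\\system32\\lsass.exe",
                           "grantedAccess": "0x1000"}}},
    {"win": {"system": {"eventID": "13", "computer": "WS01.lab.local"},        # Run-key persistence
             "eventdata": {"targetObject": "HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater",
                           "details": "C:\\Users\\alice\\AppData\\Roaming\\upd.exe"}}},
    {"win": {"system": {"eventID": "1", "computer": "DC01.lab.local"},         # Defender tampering
             "eventdata": {"image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
                           "commandLine": "powershell.exe -nop -c Set-MpPreference -DisableRealtimeMonitoring $true"}}},
    {"win": {"system": {"eventID": "1", "computer": "WS01.lab.local"},         # benign process start
             "eventdata": {"image": "C:\\Windows\\System32\\notepad.exe",
                           "commandLine": "notepad.exe notes.txt"}}},
]


def triage(events=SAMPLE_EVENTS):
    """Run events through the rules; returns (rule id or None, response command or None)."""
    results = []
    for ev in events:
        rule, resp = match(ev), plan_response(ev)
        results.append((rule.id if rule else None, resp["command"] if resp else None))
    return results


if __name__ == "__main__":
    for ev, (rule_id, cmd) in zip(SAMPLE_EVENTS, triage()):
        print(get_field(ev, "win.system.eventID"), rule_id, cmd)
```

The negative lookahead on `sourceImage` is the part worth copying into a real rule: without it, every legitimate LSASS access from `svchost.exe` or antivirus components fires the Credential Access rule and buries the real dump attempt in noise. In Wazuh the equivalent is a lower-priority rule matching the trusted path with `<if_sid>` on the broad rule, rather than a regex lookahead, but the tuning decision is the same.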

Architecture Overview

The lab runs on a single host PC under VMware Workstation, with all virtual machines on a VMware virtual network:

  • Wazuh Manager on a Linux server
  • Windows Server with Wazuh Agent + Sysmon
  • Windows user workstation with Wazuh Agent + Sysmon
  • Kali Linux attacker machine
  • VirusTotal, reached as an external API integration