Project Details
Cybersecurity | 2025-2026 | Completed
SIEM Research & Implementation - Graduation Project
For my graduation internship at ChipSoft, I conducted in-depth research into SIEM solutions to strengthen the organization's security monitoring capabilities. The project involved building a complete home lab environment with Active Directory, implementing Wazuh SIEM with agents across multiple hosts, developing custom detection rules for several MITRE ATT&CK tactics (Credential Access, Lateral Movement, Persistence, Privilege Escalation and Defense Evasion), and building an automated threat response.
Technologies Used
- Wazuh SIEM
- Active Directory
- Sysmon
- MITRE ATT&CK
- Security Monitoring
- Automated Response
- Threat Detection
Key Highlights
- Researched and evaluated enterprise SIEM solutions
- Built complete Active Directory lab environment
- Implemented Wazuh with Sysmon log collection
- Created custom MITRE ATT&CK detection rules
- Developed automated threat response system
Architecture Overview
Network topology (an interactive diagram on the original page; the nodes and their groups are listed here):
- Host: Host PC running VMware Workstation
- VMware Virtual Network: Wazuh Manager (Linux server); Windows Server (Wazuh Agent + Sysmon); Windows User (Wazuh Agent + Sysmon)
- Attacker: Kali Linux (attacker machine)
- External API: VirusTotal (API integration)