As a SOC Analyst, incident detection, analysis and mitigation is a rigorous task. The project aims at automating the detection, investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks including Phishing Email Analysis & Brand Monitoring to improve the potential security incident response.

HF Server Events is a Powershell script that creates and configures the: SQL Server Database, Forwarder Subscriptions, Schedulated Tasks and the Domain Controllers to centralize and store the events recommended by Microsoft.

SecuStreamAI is a comprehensive security event processing system designed to generate, process, and analyze security events in real-time using Kafka, Redis, PostgreSQL, Prometheus, Grafana, and FastAPI.

Events Detection with EventBridge and Lambda

All the features and services realized by the Security Event Management bounded context relative to the application domain, including specification library (e.g api), components implementation (e.g software implementation packages) and deployable systems (e.g operable component on infrastructure types).