Posts

Showing posts from September, 2023
HOW TO BUILD SIEM AZURE SENTINEL Cybersecurity Home Lab
By Tavaras Pinckney on September 03, 2023

In this blog, I will be giving step-by-step instructions on how to build a SIEM using Azure Sentinel. The purpose of this content is to gain hands-on experience and practical knowledge of what a day in the life of a SOC Analyst is like. The key objective of this lab is to extract data using an API from Windows Event and Security Viewer, then ingest that data into Azure Log Analytics, and finally map out the raw data in Azure Sentinel. I will be providing as many screenshots as possible for each step taken, with descriptions to give a clear understanding of this process.

A SIEM helps organizations detect, analyze, and respond to security threats before they harm business operations. Our objective is to build a SIEM system in a virtual environment utilizing a personalized PowerShell script that extracts metadata from the Windows E...