Building a Sec Monitoring Environment w/ Splunk
I built a SIEM environment through Splunk then performed the following skills:
- Monitored baseline and attack logs from both Windows and Linux servers
- Loaded Windows and Apache logs onto the SIEM
- Created reports, alerts, and dashboards for the Windows and Apache logs
- Installed add-on Splunk applications for additional monitoring
- Created an accompanying slide deck to present my findings
Cybersecurity Compliance Audit for a Company w/ GAPPS
This project's goal was to simulate working with a client to audit their cybersecurity practices and IT infrastructure:
- Played the role of Client and Auditor
- Adhered to NIST CSFv1.1 (Note: NIST CSFv2.0 was released the Monday following the completion of this project)
- Learned and navigated how to use GAPPS on my own, which is a relatively obscure web tool
- Uploaded and logged proof of adherence to all types of policies and controls within NIST CSFv1.1, including:
  - Anomalies and Events
  - Security Continuous Monitoring
  - Detection Process
  - Business Environment
  - Governance
  - Risk Assessment
  - Risk Management Strategy
  - Supply Chain Risk Management
  - Identity Management, Authentication and Access Control
  - Awareness and Training
  - Data Security
  - Information Protection Process and Procedures
  - Maintenance
  - Protective Technology
  - Communications (RC.CO + RS.CO)
  - Improvements (RC.CO + RS.CO)
  - Recovery Planning
  - Analysis
  - Mitigation
  - Response Planning