windows-security-log-analysis

Here is 1 public repository matching this topic...

Compcode1 / splunk-insider-threat-simulation1

This project simulated the behavior of a malicious insider on a Windows 11 host to generate detectable telemetry for use in SIEM-based detection and host triage. The exercise focused on five core behaviors that commonly indicate internal compromise or abuse

lateral-movement windows-security-log-analysis privelege-escalation siem-based-threat-investigation host-based-intrusion-signals

Updated Jul 2, 2025
Jupyter Notebook

Improve this page

Add a description, image, and links to the windows-security-log-analysis topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the windows-security-log-analysis topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

windows-security-log-analysis

Here is 1 public repository matching this topic...

Compcode1 / splunk-insider-threat-simulation1

Improve this page

Add this topic to your repo