Back to all projects

Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel

2025-11-08
Samson Otori
Personal Project
Blue Team
Cloud
Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel
Blue Team
Cloud
Incident Response
Microsoft Sentinel
Microsoft Defender for Endpoint
KQL
SOC Operations
Azure
Brute Force Detection
Microsoft Sentinel
Microsoft Defender for Endpoint
KQL
Azure
Windows

Continue Reading

PreviousProject 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel
Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel

Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel

Detecting PowerShell-based web payload staging, building Sentinel analytics for Invoke-WebRequest abuse, and walking through end-to-end inc…

Nov 10, 2025

Read previous
NextProject 5.4: LOG(N) Pacific Internship: Threat Hunting Scenario 4: PwnCrypt Ransomware Outbreak
Project 5.4: LOG(N) Pacific Internship: Threat Hunting Scenario 4: PwnCrypt Ransomware Outbreak

Project 5.4: LOG(N) Pacific Internship: Threat Hunting Scenario 4: PwnCrypt Ransomware Outbreak

A comprehensive threat hunting exercise investigating a PwnCrypt ransomware outbreak, using Microsoft Defender for Endpoint to analyze file…

Oct 24, 2025

Read next
Related Projects
Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion
Blue Team

Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion

Nov 16Project
Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel
Blue Team

Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel

Nov 10Project
Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel
Blue Team

Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel

Nov 15Project
Oldest Projects
Introduction to the MYDFIR SOC Analyst Challenge
Blue Team

Introduction to the MYDFIR SOC Analyst Challenge

Oct 31Project
Part 1: Foundation, A Logical Network Diagram
Blue Team

Part 1: Foundation, A Logical Network Diagram

Nov 1Project
Part 2: Diving into the ELK Stack
Blue Team

Part 2: Diving into the ELK Stack

Nov 2Project
Newest Projects
Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable
Blue Team

Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable

Nov 21Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)

Nov 17Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)

Nov 17Project
Project Categories
All
57
Cloud
13
Blue Team
39
Red Team
2
Infrastructure
3