Back to all projects

Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel

2025-11-15
Samson Otori
Personal Project
Blue Team
Cloud
Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel
Blue Team
Cloud
Incident Response
Microsoft Sentinel
Azure AD
Entra ID
Identity Security
SOC Operations
KQL
Impossible Travel
Geographic Detection
Microsoft Sentinel
Azure AD
Entra ID
KQL
Identity Security

Continue Reading

PreviousProject 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion
Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion

Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion

Detecting and investigating anomalous Azure resource lifecycle operations using Microsoft Sentinel, identifying excessive resource creation…

Nov 16, 2025

Read previous
NextProject 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel
Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel

Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel

Detecting PowerShell-based web payload staging, building Sentinel analytics for Invoke-WebRequest abuse, and walking through end-to-end inc…

Nov 10, 2025

Read next
Related Projects
Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion
Blue Team

Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion

Nov 16Project
Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel
Blue Team

Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel

Nov 10Project
Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel
Blue Team

Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel

Nov 8Project
Oldest Projects
Introduction to the MYDFIR SOC Analyst Challenge
Blue Team

Introduction to the MYDFIR SOC Analyst Challenge

Oct 31Project
Part 1: Foundation, A Logical Network Diagram
Blue Team

Part 1: Foundation, A Logical Network Diagram

Nov 1Project
Part 2: Diving into the ELK Stack
Blue Team

Part 2: Diving into the ELK Stack

Nov 2Project
Newest Projects
Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable
Blue Team

Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable

Nov 21Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)

Nov 17Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)

Nov 17Project
Project Categories
All
57
Cloud
13
Blue Team
39
Red Team
2
Infrastructure
3