BettinaSM/threat-detection-lab
🔐 Threat Detection Lab

Overview

This project simulates threat detection in Linux environments using log analysis and basic detection rules.


Objectives

  • Detect brute force login attempts
  • Identify unauthorized privilege escalation
  • Simulate security monitoring scenarios

Logs Analyzed

  • Authentication logs
  • System logs
  • Sudo activity

Detection Scenarios

1. Brute Force Attack

Multiple failed login attempts detected

2. Privilege Escalation

Unauthorized sudo usage identified


Detection Logic

Basic rules are applied using shell scripts to simulate security monitoring.
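The script below is an added example of the kind of shell-based rules the lab describes; it is not the repository's own code. It assumes syslog-style sshd and sudo lines (the sample lines are constructed, not real logs), a brute-force threshold of five failures per source address, and an allowlist of users expected to run sudo; the threshold, the allowlist and the rule names are all assumptions. The third rule correlates the two log sources the way the Key Takeaway describes: a source that crossed the brute-force threshold and then got an "Accepted" login is reported as a likely compromised credential.

```shell
#!/bin/sh
# Added example: minimal detection rules over Linux authentication log lines.
# Constructed sample log (not captured from a real system).
SAMPLE_LOG="$(mktemp)"
trap 'rm -f "$SAMPLE_LOG"' EXIT
cat > "$SAMPLE_LOG" <<'EOF'
Mar 10 09:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51122 ssh2
Mar 10 09:00:02 host sshd[1202]: Failed password for invalid user admin from 203.0.113.5 port 51123 ssh2
Mar 10 09:00:03 host sshd[1203]: Failed password for root from 203.0.113.5 port 51124 ssh2
Mar 10 09:00:04 host sshd[1204]: Failed password for root from 203.0.113.5 port 51125 ssh2
Mar 10 09:00:05 host sshd[1205]: Failed password for root from 203.0.113.5 port 51126 ssh2
Mar 10 09:00:06 host sshd[1206]: Failed password for alice from 198.51.100.7 port 40000 ssh2
Mar 10 09:00:07 host sshd[1207]: Accepted publickey for alice from 198.51.100.7 port 40001 ssh2
Mar 10 09:00:08 host sshd[1208]: Accepted password for root from 203.0.113.5 port 51127 ssh2
Mar 10 09:05:00 host sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update
Mar 10 09:06:00 host sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
Mar 10 09:07:00 host sudo:    carol : 3 incorrect password attempts ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/su
Mar 10 09:08:00 host sudo:     dave : TTY=pts/3 ; PWD=/home/dave ; USER=root ; COMMAND=/usr/bin/cat /etc/shadow
EOF

# Rule 1 (brute force): count "Failed password" events per source IP and
# report every IP at or above the threshold. $1 = log file, $2 = threshold.
# Output: "<ip> <failure count>", one per line.
detect_bruteforce() {
    grep 'Failed password' "$1" \
      | sed -n 's/.* from \([0-9.]*\) port .*/\1/p' \
      | sort | uniq -c \
      | awk -v t="$2" '$1 >= t { print $2 " " $1 }'
}

# Rule 2 (privilege misuse): flag sudo lines that show a user outside the
# sudoers file, repeated sudo authentication failures, or sudo use by a
# user who is not on the allowlist. $1 = log file, $2 = space-separated
# allowlist of expected sudo users (an assumption of this example).
# Output: "<user> <reason>", one per line, in log order.
detect_sudo_misuse() {
    grep ' sudo: ' "$1" | awk -v allowed="$2" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    {
        # the field right after "sudo:" is the invoking user
        user = ""
        for (i = 1; i <= NF; i++) if ($i == "sudo:") { user = $(i + 1); break }
        reason = ""
        if ($0 ~ /user NOT in sudoers/) { reason = "not-in-sudoers" }
        else if ($0 ~ /incorrect password attempts/) { reason = "sudo-auth-failure" }
        else if (!(user in ok)) { reason = "unexpected-sudo-user" }
        if (reason != "") print user " " reason
    }'
}

# Rule 3 (correlation): a source that crossed the brute-force threshold and
# later produced an "Accepted" login is a likely credential compromise.
# $1 = log file, $2 = threshold. Output: one IP per line.
successful_after_bruteforce() {
    detect_bruteforce "$1" "$2" | while read -r ip _; do
        if grep -q "Accepted .* from $ip " "$1"; then
            echo "$ip"
        fi
    done
}

echo "== brute force (>= 5 failures per source) =="
detect_bruteforce "$SAMPLE_LOG" 5
echo "== sudo misuse (allowlist: alice) =="
detect_sudo_misuse "$SAMPLE_LOG" "alice"
echo "== successful login after brute force =="
successful_after_bruteforce "$SAMPLE_LOG" 5
```

Run it with `sh detect.sh`; point the functions at `/var/log/auth.log` (Debian/Ubuntu) or `/var/log/secure` (RHEL-family) to apply the same rules to real data. The threshold and allowlist are the tuning knobs: too low a threshold floods the output with users mistyping passwords, too high misses slow attempts, which is why the correlation rule exists as a second, higher-confidence signal.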


What I Learned

  • Log analysis for security
  • Detection of suspicious behavior
  • Basic threat detection techniques

Security Perspective

This lab simulates how security teams detect:

  • Unauthorized access attempts
  • Privilege misuse
  • Potential attacks in infrastructure environments

Key Takeaway

Security monitoring is based on identifying patterns in logs and correlating events to detect threats.

About

Threat detection lab simulating security monitoring in Linux environments using log analysis, detection rules and correlation between authentication, system and resource events.
