Author name: andra

This threat intelligence report documents the investigation into a potential Stuxbot intrusion in an organization. This project was part of the HTB Certified Defensive Security Analyst track. Please note: Not all the information I mention here appears in the screenshots. This analysis involves the identification of Indicators of Compromise (IOCs) and the assessment of various …

Threat Hunting with Elastic: Stuxbot Intrusion Investigation Read More »

In this project, I implemented Azure Sentinel, a Security Information and Event Management (SIEM) tool, to monitor a “honeypot” I created—a deliberately vulnerable system designed to attract and analyze malicious activity.  The honeypot was configured on a virtual machine (VM) hosted on Microsoft Azure and exposed to the internet. This documentation outlines the key steps …

Azure Sentinel for Honeypot Security Monitoring (Real-World Attack Simulation) Read More »