Security information and event management
Splunk and ELK exercises, including Boss of the SOC and CyberDefenders scenarios, with notes on detection frameworks and threat intelligence. Covers the Cyber Kill Chain, MITRE ATT&CK, Unified Kill Chain, and Diamond Model alongside the practical work of querying, correlating, and tuning alerts.