This project demonstrates hands-on experience detecting and investigating security incidents within a Windows Server environment using system logs and event analysis.
- Windows Server
- Event Viewer
- Log analysis techniques
- Security event analysis
- Incident detection and investigation
- Log correlation
- Threat identification
- screenshots/ → Event logs and detection evidence
- logs/ → Sample Windows security logs
- reports/ → Incident investigation report
- Identified repeated failed login attempts
- Detected account lockout events
- Analyzed suspicious process execution
- Correlated multiple log sources to identify the attack pattern
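
The correlation summarized in the findings above, as an added example that is not part of the project's own code. It uses the standard Windows Security event IDs (4625 failed logon, 4740 account lockout, 4688 process creation); the threshold, time window, process watchlist, account names and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
# Standard Windows Security event IDs: failed logon, lockout, process creation.
FAILED_LOGON, LOCKOUT, PROCESS_CREATE = 4625, 4740, 4688
# Assumed tuning values and watchlist, not taken from the project.
THRESHOLD, WINDOW = 5, timedelta(minutes=10)
WATCHLIST = {"whoami.exe", "net.exe", "powershell.exe"}
SYS = "C:\\Windows\\System32\\"

def ev(ts, event_id, account, process=None):
    return {"time": datetime.fromisoformat(ts), "id": event_id,
            "account": account, "process": process}
# Constructed sample events standing in for an exported Security log.
SAMPLE = [
    ev("2024-01-10T08:30:00", FAILED_LOGON, "alice"),  # single typo, no burst
    ev("2024-01-10T09:00:05", FAILED_LOGON, "jsmith"),
    ev("2024-01-10T09:00:12", FAILED_LOGON, "jsmith"),
    ev("2024-01-10T09:00:20", FAILED_LOGON, "jsmith"),
    ev("2024-01-10T09:00:31", FAILED_LOGON, "jsmith"),
    ev("2024-01-10T09:00:40", FAILED_LOGON, "jsmith"),
    ev("2024-01-10T09:00:41", LOCKOUT, "jsmith"),
    ev("2024-01-10T09:03:10", PROCESS_CREATE, "svc_backup", SYS + "net.exe"),
    ev("2024-01-10T09:04:00", PROCESS_CREATE, "alice", SYS + "notepad.exe"),
    ev("2024-01-10T09:30:00", PROCESS_CREATE, "svc_backup", SYS + "whoami.exe"),
]

def correlate(events, threshold=THRESHOLD, window=WINDOW):
    """Return one finding per account that shows a failed-logon burst."""
    events = sorted(events, key=lambda e: e["time"])
    failures = defaultdict(list)
    for e in (x for x in events if x["id"] == FAILED_LOGON):
        failures[e["account"]].append(e["time"])
    findings = []
    for account, times in failures.items():
        # First run of `threshold` consecutive failures that fits in `window`.
        burst = next(((times[i], times[i + threshold - 1])
                      for i in range(len(times) - threshold + 1)
                      if times[i + threshold - 1] - times[i] <= window), None)
        if burst is None:
            continue
        start, horizon = burst[0], burst[1] + window
        locked = any(e["id"] == LOCKOUT and e["account"] == account
                     and start <= e["time"] <= horizon for e in events)
        procs = [e["process"] for e in events
                 if e["id"] == PROCESS_CREATE and burst[1] <= e["time"] <= horizon
                 and e["process"].lower().rsplit("\\", 1)[-1] in WATCHLIST]
        findings.append({"account": account, "burst_start": start,
                         "locked_out": locked, "processes": procs})
    return findings
```

Process creation events are matched by time only, not by account, because the account that runs a process after a password-guessing burst is often not the one that was locked out.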
Successfully investigated simulated attack activity, demonstrating real-world incident response and Windows security monitoring skills.
This project highlights the ability to monitor Windows environments, detect suspicious activity, and perform structured incident investigations using system-level logs.