Archives
Azure-based Suspicious Login Detection System
Overview This project replicates a real-world Security Operations Center (SOC) environment by simulating, detecting, and alerting on suspicious login activity using Azure Sentinel, Log Analytics, and Logic Apps — all within the Azure Free Tier. The goal was to simulate threats like:
- Multiple failed logins (brute-force attempts)
- Logins from unusual locations
- Off-hour access behavior
I…
Windows Event Log Monitoring and Alerting via PowerShell
Overview This project focuses on building a PowerShell-based automation to monitor Windows Event Logs — specifically targeting failed login attempts (Event ID 4625). The script reads the Security log, extracts recent failed logins, and sends a real-time email alert if any are found. It runs silently in the background every 5 minutes using Task Scheduler….
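As an added example (not the project's own script, and not code from the original page), the following PowerShell implements the monitor described in the second post and two of the detections the first post lists (brute-force counting and off-hours access); geolocation of source addresses is not attempted, since the local Security log has no location data. The SMTP server, sender and recipient addresses, the 08:00-18:00 business window and the threshold of 5 failures per source are placeholder assumptions; the script must run as an account that can read the Security log, and failure auditing for the Logon subcategory must be enabled (check with `auditpol /get /subcategory:Logon`) or no 4625 events will exist.

```powershell
# Watch-FailedLogons.ps1  (added example, not the project's script)
# Polls the Security log for Event ID 4625 (failed logon) over a short window,
# flags brute-force patterns and off-hours failures, and e-mails a summary.
# Assumed placeholder values: SMTP host, addresses, business hours, threshold.
param(
    [int]$WindowMinutes       = 5,                      # matches the 5-minute Task Scheduler cadence
    [int]$BruteForceThreshold = 5,                      # assumed: failures per source IP per window
    [int]$BusinessStartHour   = 8,                      # assumed business hours, local time
    [int]$BusinessEndHour     = 18,
    [string]$SmtpServer       = 'smtp.example.local',   # placeholder
    [string]$From             = 'soc-alerts@example.local',
    [string]$To               = 'analyst@example.local'
)

# Read one named EventData field from the event XML. This is more robust than
# indexing $event.Properties positionally, whose order differs per event ID.
function Get-EventDataField {
    param([System.Diagnostics.Eventing.Reader.EventRecord]$Event, [string]$Name)
    $xml = [xml]$Event.ToXml()
    ($xml.Event.EventData.Data | Where-Object { $_.Name -eq $Name }).'#text'
}

# Return the 4625 events from the last $Minutes as flat objects.
function Get-RecentFailedLogons {
    param([int]$Minutes)
    $since = (Get-Date).AddMinutes(-$Minutes)
    # Get-WinEvent raises a terminating error when nothing matches; treat that as "no events".
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $since } `
                 -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Time        = $_.TimeCreated
                Account     = Get-EventDataField -Event $_ -Name 'TargetUserName'
                SourceIp    = Get-EventDataField -Event $_ -Name 'IpAddress'     # '-' for local/console
                Workstation = Get-EventDataField -Event $_ -Name 'WorkstationName'
                LogonType   = Get-EventDataField -Event $_ -Name 'LogonType'     # 3 = network, 10 = RDP
                Status      = Get-EventDataField -Event $_ -Name 'Status'        # 0xC000006D = bad credentials
            }
        }
}

# Brute force: one source IP producing $Threshold or more failures in the window.
function Find-BruteForce {
    param([object[]]$Failures, [int]$Threshold)
    $Failures | Group-Object SourceIp | Where-Object { $_.Count -ge $Threshold } | ForEach-Object {
        [pscustomobject]@{
            SourceIp = $_.Name
            Attempts = $_.Count
            Accounts = ($_.Group.Account | Sort-Object -Unique) -join ', '
        }
    }
}

# Off-hours: any failure whose local time falls outside the business window.
function Find-OffHours {
    param([object[]]$Failures, [int]$StartHour, [int]$EndHour)
    $Failures | Where-Object { $_.Time.Hour -lt $StartHour -or $_.Time.Hour -ge $EndHour }
}

$failures = @(Get-RecentFailedLogons -Minutes $WindowMinutes)
if ($failures.Count -eq 0) { return }   # nothing to report this cycle; stay silent

$bruteForce = @(Find-BruteForce -Failures $failures -Threshold $BruteForceThreshold)
$offHours   = @(Find-OffHours   -Failures $failures -StartHour $BusinessStartHour -EndHour $BusinessEndHour)

$body = @(
    "Failed logons (4625) on $env:COMPUTERNAME in the last $WindowMinutes minutes: $($failures.Count)"
    ""
    "Brute-force candidates (>= $BruteForceThreshold failures from one source):"
    ($bruteForce | Format-Table -AutoSize | Out-String)
    "Off-hours failures (outside $BusinessStartHour:00-$BusinessEndHour:00):"
    ($offHours | Select-Object Time, Account, SourceIp, LogonType | Format-Table -AutoSize | Out-String)
    "All failures:"
    ($failures | Format-Table -AutoSize | Out-String)
) -join "`n"

$severity = if ($bruteForce.Count -gt 0) { 'HIGH' } elseif ($offHours.Count -gt 0) { 'MEDIUM' } else { 'LOW' }
# Send-MailMessage still ships with Windows PowerShell 5.1; swap in your mail API if it is unavailable.
Send-MailMessage -SmtpServer $SmtpServer -From $From -To $To `
                 -Subject "[$severity] $($failures.Count) failed logons on $env:COMPUTERNAME" -Body $body

# One-time registration so the script runs hidden every 5 minutes as SYSTEM
# (path is a placeholder; run this block once from an elevated prompt):
# $action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
#              -Argument '-NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\Tools\Watch-FailedLogons.ps1'
# $trigger   = New-ScheduledTaskTrigger -Once -At (Get-Date) -RepetitionInterval (New-TimeSpan -Minutes 5)
# $principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
# Register-ScheduledTask -TaskName 'FailedLogonMonitor' -Action $action -Trigger $trigger -Principal $principal
```

Two points a practitioner should keep in mind: the 5-minute window means a slow brute force that spreads attempts across cycles never crosses the threshold, so a longer lookback (or a persisted counter across runs) is needed for low-and-slow attempts; and `SourceIp` is `-` for console and some local-service failures, so those group together and can trip the threshold on their own unless you exclude that value or count by account as well.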