As part of my cybersecurity learning journey, I built a SIEM solution in Microsoft Sentinel to monitor RDP attempts on the local admin profile. RDP is a common attack vector, and securing administrative accounts is critical.
The Objective
I set up Microsoft Sentinel to track and log any RDP access attempts targeting the local admin account. This involved configuring custom detection rules and creating dashboards to visualize potential threats.
The Benefits
This project provided hands-on experience with Microsoft Sentinel, helping me understand how to detect and respond to real-world security threats. It strengthened my skills in SIEM configuration and enhanced my ability to secure critical systems.
This project not only boosted my technical skills but also reinforced my commitment to cybersecurity.