Skip to content
#

host-based-intrusion-signals

Star

Here is 1 public repository matching this topic...

Compcode1 / splunk-insider-threat-simulation1

Star 0

This project simulated the behavior of a malicious insider on a Windows 11 host to generate detectable telemetry for use in SIEM-based detection and host triage. The exercise focused on five core behaviors that commonly indicate internal compromise or abuse

lateral-movement windows-security-log-analysis privelege-escalation siem-based-threat-investigation host-based-intrusion-signals
  • Updated Jul 2, 2025
  • Jupyter Notebook

Improve this page

Add a description, image, and links to the host-based-intrusion-signals topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the host-based-intrusion-signals topic, visit your repo's landing page and select "manage topics."

Learn more