Boss of the SOC V1 (2015) – Website Defacement Investigation
This project demonstrates an investigation of a website defacement incident from the Boss of the SOC V1 (2015) challenge, simulating real-world SOC analyst workflows using SIEM-based log analysis.
Key Highlights
- Investigated a website defacement incident using SIEM data
- Analyzed web server, authentication, and system logs
- Identified attacker activity and constructed an attack timeline
- Correlated indicators to determine root cause
- Practiced SOC-style incident investigation and reporting
This project focuses on developing practical incident investigation skills, including log analysis, timeline reconstruction, and root cause identification, reflecting how SOC analysts investigate and respond to real security incidents.
This post is licensed under CC BY 4.0 by the author.
