I’m a final-semester Cybersecurity M.S. student based in Houston, working toward a career as a SOC Analyst or Detection Engineer.
I enjoy building small, focused labs that answer practical questions like “who scanned me?” and “what did they try?”

• Windows Security Monitoring (Splunk) – tracking failed logons (4625), account lockouts, and brute-force attempts
• Snort → Splunk Portscan – detecting Nmap SYN bursts and visualizing top sources/ports with timelines
• OWASP ZAP – Juice Shop Assessment – web application vulnerability scanning and reporting

I learn best by simulating real-world scenarios, collecting raw logs, and transforming them into fields, searches, and dashboards that speed up investigation and triage.

• SIEM: Splunk (SPL queries, dashboards)
• Threat Detection: Windows Event Logs, Snort, OWASP ZAP
• Networking & Testing: Nmap, Wireshark basics
• Platforms: VirtualBox, Docker, Ubuntu, Kali Linux
• Scripting: Basic Python
• Certification: CompTIA Security+

• Windows Security Monitoring (Splunk SIEM)
  Repo: Splunk-security-dashboard
  Focus: Event IDs 4625/4624/4740, brute-force logic, lockout tracking

• Snort → Splunk Portscan Demo
  Repo: snort-splunk-portscan-demo
  Focus: SYN-burst detection, field parsing, top sources/ports, time-based visualization

• OWASP ZAP – Juice Shop Lab
  Repo: owasp-zap-juice-shop-lab
  Focus: OWASP Top 10 vulnerabilities, scanning methodology, HTML reporting

• Expand Splunk dashboards with Sysmon (process/network visibility)
• Experiment with slow-scan detection and GeoIP enrichment
• Document additional labs for SOC triage and incident response practice

• LinkedIn: linkedin.com/in/numanshaik
• Email: numanshaik.cyber@gmail.com