🛡️ Blue Team / Defensive Security Lab

PRACIVO LAB
Home Log Analysis Incident Response SIEM Queries Firewall Rules IDS Signatures Threat Hunting IOC Database
⚠️ Pracivo Security Lab — Blue team skills: log analysis, incident response, SIEM, firewall rules, IDS, threat hunting.

Blue Team Skill Areas

SkillWhat You LearnTools
Log AnalysisFind attacks hidden in access logs, syslog, Windows Event logsgrep, awk, Splunk, ELK
Incident Response6-step IR process — contain, eradicate, recoverForensic tools, memory dumps
SIEMWrite detection queries for common attacksSplunk SPL, Elastic KQL
Firewall RulesBlock attack traffic with proper rulesiptables, pfSense, AWS SG
IDS/IPS SignaturesWrite Snort/Suricata rules to detect attacksSnort, Suricata
Threat HuntingProactively search for attackers in your environmentosquery, Velociraptor