A foundational series designed to help analysts understand the core concepts of SIEM platforms, focusing on practical usage, log analysis, and real-world investigation workflows using tools like QRadar and Microsoft Sentinel.

This series provides a structured introduction to SIEM from an analyst’s perspective. It covers how modern SIEM platforms collect, normalize, and correlate logs, and how these capabilities are used in daily SOC operations.

Open pathSIEM 101 part 1