Thabo Sakonta

Microsoft Certified Security Operations Analyst (SC-200)

SOC Analyst • Threat Hunting • Detection Engineering • DFIR • Microsoft Sentinel • MITRE ATT&CK

📄 Download CV

About Me

I am a Microsoft Certified Security Operations Analyst (SC-200) with practical experience in Security Operations Center (SOC) investigations, Microsoft Sentinel, Threat Hunting, Detection Engineering, Digital Forensics, Incident Response, MITRE ATT&CK Mapping and Security Monitoring. My portfolio demonstrates hands-on cybersecurity projects built using Linux, Bash, Microsoft Sentinel, Sigma Rules, Windows Event Logs, Sysmon, Velociraptor, Wireshark and Threat Hunting methodologies.

Technical Skills

Certifications

Featured Cybersecurity Projects

Microsoft Sentinel Lab

SOC investigation, alert triage, incident response, KQL queries and MITRE ATT&CK mapping.

View Project →

Threat Hunting Lab

Threat hunting, IOC analysis, log investigation, privilege escalation detection and MITRE ATT&CK mapping.

View Project →

Detection Engineering Lab

Sigma Rule development, Windows detections, detection engineering and MITRE ATT&CK mapping.

View Project →

Velociraptor Investigation Lab

Digital Forensics, endpoint investigation, incident response and DFIR methodology.

View Project →

Python SOC Automation Lab

Python automation for SOC investigations, detections and incident response.

View Project →

Network Traffic Analysis Lab

Network monitoring, DNS analysis, HTTP investigation and suspicious IP detection.

View Project →

Windows Event Analysis Lab

Windows Security Event investigation and authentication log analysis.

View Project →

Sysmon Event Analysis Lab

Endpoint telemetry analysis using Sysmon and process monitoring.

View Project →

MITRE ATT&CK Mapping Lab

Threat mapping, ATT&CK techniques and detection engineering.

View Project →

SOC Dashboard Lab

SOC dashboard, investigations, alert metrics and monitoring workflows.

View Project →

Connect With Me

LinkedIn GitHub 📧 Email Me