June 16, 2026
Automation & core tools for the SOC
Author: Priyanshi
- Python
  . parse logs, call APIs, and automate data transformations
- PowerShell
  . Windows investigation: query event logs, enumerate services, automate evidence collection
- Suricata
  . IDS engine for network detection; learn rule writing and tuning
- Sysmon
  . rich Windows telemetry: process creation, network connections, file events
- Bash
  . quick shell scripts and text processing with grep, awk, sed, and pipes
- Wireshark
  . packet-level analysis to confirm data exfiltration or suspicious sessions
- Splunk/ELK/Wazuh
  . ingest, search, and correlate logs; dashboards and detections are core SOC work
- VirusTotal/AbuseIPDB
  . fast enrichment sources for file and IP reputation checks during triage
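An added example, not from the original page, of Python doing the glue work the list describes: it parses Suricata EVE JSON alert lines, joins them with Sysmon process-create (Event ID 1) and network-connection (Event ID 3) records on source IP, destination IP and port, and produces the file hashes and public IPs that would be sent to VirusTotal and AbuseIPDB for enrichment. Field names follow Suricata's EVE output and Sysmon's event schema; the sample alerts, Sysmon records, ProcessGuids, signature names and SAMPLE_SHA256 are all constructed, and no API is actually called.

```python
"""Correlate Suricata EVE alerts with Sysmon events and build enrichment lookups.

Added example (not from the original page). All sample data below is constructed.
"""
import hashlib
import ipaddress
import json
from collections import defaultdict

# Constructed hash standing in for a real binary's SHA256.
SAMPLE_SHA256 = hashlib.sha256(b"constructed sample binary").hexdigest()

# Constructed Suricata EVE JSON: one line per event, mixed event types.
EVE_JSON = "\n".join([
    json.dumps({"timestamp": "2026-06-16T10:02:11.000000+0000", "event_type": "alert",
                "src_ip": "10.0.0.5", "src_port": 49812, "dest_ip": "203.0.113.10",
                "dest_port": 443, "proto": "TCP",
                "alert": {"signature": "LOCAL Possible C2 beacon", "signature_id": 9000001,
                          "severity": 1}}),
    json.dumps({"timestamp": "2026-06-16T10:02:12.000000+0000", "event_type": "flow",
                "src_ip": "10.0.0.5", "dest_ip": "10.0.0.1", "dest_port": 53, "proto": "UDP"}),
    json.dumps({"timestamp": "2026-06-16T10:03:40.000000+0000", "event_type": "alert",
                "src_ip": "10.0.0.5", "src_port": 51000, "dest_ip": "198.51.100.20",
                "dest_port": 8080, "proto": "TCP",
                "alert": {"signature": "LOCAL Suspicious User-Agent", "signature_id": 9000002,
                          "severity": 2}}),
])

# Constructed Sysmon records (Event ID 1 = process create, Event ID 3 = network connection).
# The second connecting process has no matching Event ID 1, so its hash is unknown.
SYSMON_EVENTS = [
    {"EventID": 1, "ProcessGuid": "{guid-1}", "Image": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "CommandLine": "update.exe /silent", "Hashes": f"SHA256={SAMPLE_SHA256}"},
    {"EventID": 3, "ProcessGuid": "{guid-1}", "Image": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "SourceIp": "10.0.0.5", "DestinationIp": "203.0.113.10", "DestinationPort": 443},
    {"EventID": 3, "ProcessGuid": "{guid-2}", "Image": r"C:\Program Files\Browser\browser.exe",
     "SourceIp": "10.0.0.5", "DestinationIp": "198.51.100.20", "DestinationPort": 8080},
]

# Networks never worth an external reputation lookup. Listed explicitly because the
# RFC 5737 documentation ranges used in the sample data are also flagged by
# ipaddress.is_private, which would hide them from the example.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]


def parse_eve_alerts(text):
    """Return only event_type=alert records, skipping blank or malformed lines."""
    alerts = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # a truncated line must not abort the whole run
        if ev.get("event_type") != "alert":
            continue
        alerts.append({"timestamp": ev["timestamp"], "src_ip": ev["src_ip"],
                       "dest_ip": ev["dest_ip"], "dest_port": int(ev["dest_port"]),
                       "signature": ev["alert"]["signature"], "severity": ev["alert"]["severity"]})
    return alerts


def index_sysmon(events):
    """Build ProcessGuid -> SHA256 (from Event 1) and (src, dst, port) -> connections (Event 3)."""
    hashes = {}
    conns = defaultdict(list)
    for ev in events:
        if ev.get("EventID") == 1:
            for part in ev.get("Hashes", "").split(","):
                if part.startswith("SHA256="):
                    hashes[ev["ProcessGuid"]] = part[len("SHA256="):].lower()
        elif ev.get("EventID") == 3:
            conns[(ev["SourceIp"], ev["DestinationIp"], int(ev["DestinationPort"]))].append(ev)
    return hashes, conns


def correlate(alerts, hashes, conns):
    """Attach the connecting process (and its hash, when known) to each alert."""
    records = []
    for a in alerts:
        matches = conns.get((a["src_ip"], a["dest_ip"], a["dest_port"]), [])
        if not matches:
            records.append({**a, "image": None, "sha256": None})
            continue
        for m in matches:
            records.append({**a, "image": m["Image"], "sha256": hashes.get(m["ProcessGuid"])})
    return sorted(records, key=lambda r: r["severity"])  # severity 1 = highest priority first


def enrichment_targets(records):
    """Collect hashes for VirusTotal and external IPs for AbuseIPDB; internal IPs are skipped."""
    targets = {"virustotal": set(), "abuseipdb": set()}
    for r in records:
        if r["sha256"]:
            targets["virustotal"].add(r["sha256"])
        dst = ipaddress.ip_address(r["dest_ip"])
        if not any(dst in net for net in INTERNAL_NETS):
            targets["abuseipdb"].add(r["dest_ip"])
    return targets


def triage(eve_text=EVE_JSON, sysmon_events=SYSMON_EVENTS):
    """Full pipeline: parse, index, correlate, and list what needs enrichment."""
    alerts = parse_eve_alerts(eve_text)
    hashes, conns = index_sysmon(sysmon_events)
    records = correlate(alerts, hashes, conns)
    return records, enrichment_targets(records)


if __name__ == "__main__":
    recs, targets = triage()
    for r in recs:
        print(f"[sev {r['severity']}] {r['signature']}: {r['src_ip']} -> {r['dest_ip']}:{r['dest_port']} "
              f"via {r['image'] or '<no Sysmon match>'} sha256={r['sha256'] or 'unknown'}")
    print("VirusTotal lookups:", sorted(targets["virustotal"]))
    print("AbuseIPDB lookups:", sorted(targets["abuseipdb"]))
```

The join key is (source IP, destination IP, destination port) because that is what both Suricata and Sysmon Event ID 3 record; a real deployment would also bound the Sysmon timestamp to a window around the alert, since the same tuple can recur. Note that a missing Event ID 1 leaves the hash as None rather than raising, and that the reputation lookups are emitted as sets so each hash or IP is queried once regardless of how many alerts reference it.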