Configured a Wazuh manager to monitor multiple Windows and Linux endpoints, implementing file integrity monitoring and malware detection rules. Detected suspicious behaviors, unauthorized file changes, and anomalous processes, enabling centralized alerting and proactive incident response. Integrated monitoring laid the foundation for automated threat management.

Developed an automated forensic analysis framework to process system logs, digital images, and documents. The system detects anomalies in logs, extracts hidden metadata from images, and uncovers embedded or suspicious content in documents. It enhances investigation efficiency by reducing manual effort and providing structured, reliable insights for incident response.