
Security Products

Body of Knowledge

| Topic | Description | Relevance | Career Tracks |
|---|---|---|---|
| Wazuh SIEM | Open-source security information and event management platform. Features include centralized log collection, file integrity monitoring, intrusion detection, vulnerability detection, rule customization, and security analytics dashboards. | High | Security Analyst, SOC Engineer, Security Engineer |
| Microsoft Sentinel | Cloud-native SIEM, KQL queries, playbooks, workbooks, data connectors | High | Security Analyst, SOC Engineer, Cloud Security Engineer |
| Splunk | Enterprise SIEM, SPL queries, dashboards, apps, indexing, forwarders | High | Security Analyst, SOC Engineer, Data Engineer |
| CrowdStrike Falcon | EDR platform, threat intelligence, real-time response, API integration | High | Security Analyst, Endpoint Engineer, SOC Engineer |
| Palo Alto XSOAR | SOAR platform, playbooks, integrations, incident response automation | Medium | Security Analyst, SOC Engineer, Security Automation Engineer |
| Tenable/Nessus | Vulnerability scanning, compliance auditing, asset discovery, reporting | High | Security Engineer, Vulnerability Analyst |
| CyberArk | Privileged access management, password vault, session recording, PSM | Medium | IAM Specialist, Security Engineer |
| BeyondTrust | Privileged access management, remote access, vulnerability management | Medium | IAM Specialist, Security Engineer |

Personal Status

| Topic | Level | Evidence | Active Projects | Gaps |
|---|---|---|---|---|
| Wazuh SIEM | Intermediate | Wazuh manager + agent deployment — log collection, FIM, rule customization, dashboard exploration; evaluated for home lab and CHLA | SIEM Operations | No custom decoders, no Wazuh API integration, no large-scale deployment (100+ agents) |