Security Awareness & EDR Lab:
Strengthening Cybersecurity Defenses
Running Phishing Campaign Simulations
To raise awareness about social engineering risks, I launched controlled phishing campaign simulations using open-source tools that follow KnowBe4-style training. Employees (test users) received simulated emails designed to mimic common phishing tactics such as credential harvesting and malicious attachments.
The simulations highlighted which users were most at risk, enabling targeted training and reinforcing best practices such as verifying email senders and avoiding suspicious links.
Testing CrowdStrike EDR Against Common Threats
Next, I installed a trial version of CrowdStrike EDR on multiple endpoints to evaluate its detection and response capabilities. I simulated threats such as:
- Malicious PowerShell scripts
- Known malware samples in a controlled environment
- Suspicious file execution attempts
The EDR successfully detected the threats, blocked execution, and generated detailed alerts. This validated its effectiveness in real-time protection and incident response.
Practicing Log Analysis and Incident Response
Logs from endpoints, CrowdStrike, and the phishing simulations were aggregated and analyzed to identify attack patterns. I practiced correlating events across multiple sources, such as:
- Failed login attempts followed by suspicious network connections
- Email click activity aligning with malware execution logs
- Alert timelines from EDR detections
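The first two correlations above, worked through in code as an added example (not part of the original lab, and not CrowdStrike's own query language). The log records and the two detection rules are constructed assumptions: a burst of failed logins on a host followed by an outbound connection within a short window, and a phishing-simulation click followed by an EDR malware-execution alert on the same host.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs), one list per source.
AUTH_LOG = [  # endpoint authentication events
    {"ts": "2024-05-01T09:00:05", "host": "WS-07", "user": "jdoe", "result": "FAIL"},
    {"ts": "2024-05-01T09:00:09", "host": "WS-07", "user": "jdoe", "result": "FAIL"},
    {"ts": "2024-05-01T09:00:14", "host": "WS-07", "user": "jdoe", "result": "FAIL"},
    {"ts": "2024-05-01T09:00:20", "host": "WS-07", "user": "jdoe", "result": "SUCCESS"},
]
NET_LOG = [  # outbound connections reported by the endpoints
    {"ts": "2024-05-01T09:02:30", "host": "WS-07", "dst": "203.0.113.9:4444"},
    {"ts": "2024-05-01T11:30:00", "host": "WS-12", "dst": "198.51.100.20:443"},
]
PHISH_LOG = [  # clicks recorded by the phishing simulation platform
    {"ts": "2024-05-01T10:15:00", "host": "WS-12", "user": "asmith", "action": "click"},
]
EDR_LOG = [  # EDR detections
    {"ts": "2024-05-01T10:16:40", "host": "WS-12", "detection": "malware_execution"},
]


def _t(s):
    return datetime.fromisoformat(s)


def correlate(auth, net, phish, edr, window=timedelta(minutes=5), fail_threshold=3):
    """Return cross-source findings; each finding names the rule, host and user."""
    findings = []
    # Rule 1: at least fail_threshold failed logins for a host/user pair,
    # then an outbound connection from that host within `window` of the last failure.
    fails = {}
    for e in sorted(auth, key=lambda e: e["ts"]):
        if e["result"] == "FAIL":
            fails.setdefault((e["host"], e["user"]), []).append(_t(e["ts"]))
    for (host, user), times in fails.items():
        if len(times) < fail_threshold:
            continue
        last_fail = max(times)
        for c in net:
            if c["host"] == host and timedelta(0) <= _t(c["ts"]) - last_fail <= window:
                findings.append({"rule": "failed_logins_then_outbound", "host": host,
                                 "user": user, "dst": c["dst"]})
    # Rule 2: a simulation click followed by a malware-execution alert on the same host.
    for p in phish:
        if p["action"] != "click":
            continue
        for d in edr:
            delta = _t(d["ts"]) - _t(p["ts"])
            if d["host"] == p["host"] and d["detection"] == "malware_execution" and timedelta(0) <= delta <= window:
                findings.append({"rule": "phish_click_then_malware", "host": p["host"], "user": p["user"]})
    return findings


if __name__ == "__main__":
    for f in correlate(AUTH_LOG, NET_LOG, PHISH_LOG, EDR_LOG):
        print(f)
```

On the constructed data both rules fire once (WS-07 and WS-12); the WS-12 connection at 11:30 is outside every window and is correctly ignored.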
Incident response procedures were practiced, including isolating affected machines, escalating alerts, and validating containment.
Documenting Mitigation Plans and User Communication
Finally, I developed mitigation plans to reduce future risk. These included tightening email gateway filters, enforcing stronger endpoint controls, and refining patch management policies.
User communication strategies were also documented. Employees were informed about simulation outcomes, provided with security awareness tips, and guided on how to report suspicious activity effectively.
Conclusion
The Security Awareness & EDR Lab reinforced the importance of combining technical defenses with user education. From phishing simulations to EDR testing, the lab provided hands-on experience in identifying, analyzing, and mitigating threats.
This holistic approach ensures stronger resilience against cyberattacks by addressing both the human and technological elements of security.