Every Log Tells a Story.
Learn to Read Them All.

Most SOC analysts see the alerts. Few understand what's behind them. Learn Splunk and Elastic SIEM in Arabic and become the analyst who reads every log, hunts every threat.

1,500+ Students Trained
100% Arabic Content
5+ Years Experience

Trusted By & Aligned With

CompTIA
INE
Splunk
Elastic
EC-Council
APMG
Wazuh

Training Programs

Certification-mapped courses. Entirely in Arabic. Build real-world skills with hands-on labs.

1

Security Operations Foundations

Before you touch a SIEM, you need to understand what you are looking at. This course builds the foundation every SOC analyst needs: logs, events, Windows and Linux analysis, MITRE ATT&CK, and how a real SOC operates. No prior security experience required.

2

Splunk Core & SPL Fundamentals

Your first step inside Splunk. You will learn how Splunk works from the inside out: architecture, data flow, and the Search Processing Language that powers everything. By the end you will be writing real searches, building dashboards, and setting up your first alerts.

3

Detection Engineering

This is where Splunk becomes a weapon. You will ingest real security data, write correlation rules mapped to MITRE ATT&CK, and build detections that catch brute force, credential dumping, lateral movement, and C2 beaconing. This is what separates a Splunk user from a Splunk analyst.

4

Enterprise Security & Threat Hunting

The advanced tier. You will master Splunk Enterprise Security, build a Risk-Based Alerting framework, and learn to proactively hunt for threats that no rule has ever caught. This is the course that makes you the most dangerous analyst in the room.

After this series

Get Certified

Splunk Core Certified User
Splunk Core Certified Power User
Splunk Enterprise Certified Admin
Splunk Certified Cybersecurity Defense Analyst
Splunk Certified Cybersecurity Defense Engineer

Roles You'll Master

πŸ›‘οΈSOC Analyst

Monitor alerts, triage incidents, and correlate SIEM events in real time.

πŸ› οΈDetection Engineer

Build Sigma rules, YARA signatures, and custom detection logic.

πŸ”Splunk Analyst

Write advanced SPL queries, build dashboards, and investigate security events.

⚑Elastic Engineer

Deploy and manage Elastic Stack for log ingestion, search, and SIEM workflows.

πŸ›‘οΈSOC Analyst

Monitor alerts, triage incidents, and correlate SIEM events in real time.

πŸ› οΈDetection Engineer

Build Sigma rules, YARA signatures, and custom detection logic.

πŸ”Splunk Analyst

Write advanced SPL queries, build dashboards, and investigate security events.

⚑Elastic Engineer

Deploy and manage Elastic Stack for log ingestion, search, and SIEM workflows.

βš™οΈSplunk Admin

Configure Splunk infrastructure, manage indexes, and optimize search performance.

🧬Threat Hunter

Proactively hunt APTs using KQL, SPL, and behavioral analytics.

🌍Threat Intelligence

Collect, analyze, and operationalize threat intel to strengthen defenses.

πŸ“ŠLog Analyst

Parse and correlate logs from endpoints, firewalls, and proxies.

πŸ–₯️SIEM Engineer

Design, deploy, and manage SIEM platforms to detect and respond to threats at scale.

βš™οΈSplunk Admin

Configure Splunk infrastructure, manage indexes, and optimize search performance.

🧬Threat Hunter

Proactively hunt APTs using KQL, SPL, and behavioral analytics.

🌍Threat Intelligence

Collect, analyze, and operationalize threat intel to strengthen defenses.

πŸ“ŠLog Analyst

Parse and correlate logs from endpoints, firewalls, and proxies.

πŸ–₯️SIEM Engineer

Design, deploy, and manage SIEM platforms to detect and respond to threats at scale.

Why Defcraft

Built for analysts.
By analysts.

Everything you need to become a certified SOC analyst, in Arabic, from day one.

Splunk & Elastic in Arabic

Both platforms. Ground up to advanced. For the first time, entirely in Arabic.

Real Hands-On Labs

Real logs. Real environments. Real scenarios. No shortcuts.

Certified Instructors

1,500+ students trained. Government. Banks. Enterprise SOC teams.

Lifetime Access

Enroll once. Access forever. No expiry. No re-subscription.

Everything Included

All materials, logs, and lab environments: completely free with enrollment.

Course Pipeline

Track what we're building, recording, and shipping next.

EDR Internals - Research & Development
Blue Team · Released · Jan 2025
Hardware Hacking - Level 2 - UART
Hardware · Released · Dec 2024
SOC Analyst Professional
SOC · Released · Nov 2024
Windows Native API Programming
Development · Released · Oct 2024
Sysinternals Tools Deep Dive 2
Blue Team · Recording · Q2 2025
DFIR Analyst Professional
DFIR · Coming Soon · Q3 2025

JOIN THE COMMUNITY

Your Next Career Move
Starts Here.

1500+ cybersecurity professionals across Saudi Arabia and Egypt chose Defcraft. You're next.