Every Log Tells a Story.
Learn to Read Them All.

Most SOC analysts see the alerts. Few understand what's behind them. Learn Splunk and Elastic SIEM in Arabic and become the analyst who reads every log, hunts every threat.

1,500+ Students Trained
100% Arabic Content
5+ Years Experience

Trusted By & Aligned With

CompTIA
INE
Splunk
Elastic
EC-Council
APMG
Wazuh

Training Programs

Certification-mapped courses. Entirely in Arabic. Build real-world skills with hands-on labs.

Learning Path

Splunk Series

1. Security Operations Foundations

Before you touch a SIEM, you need to understand what you are looking at. This course builds the foundation every SOC analyst needs — logs, events, Windows and Linux analysis, MITRE ATT&CK, and how a real SOC operates. No prior security experience required.

2. Splunk Core & SPL Fundamentals

Your first step inside Splunk. You will learn how Splunk works from the inside out — architecture, data flow, and the Search Processing Language that powers everything. By the end you will be writing real searches, building dashboards, and setting up your first alerts.

3. Detection Engineering

This is where Splunk becomes a weapon. You will ingest real security data, write correlation rules mapped to MITRE ATT&CK, and build detections that catch brute force, credential dumping, lateral movement, and C2 beaconing. This is what separates a Splunk user from a Splunk analyst.

4. Enterprise Security & Threat Hunting

The advanced tier. You will master Splunk Enterprise Security, build a Risk-Based Alerting framework, and learn to proactively hunt for threats that no rule has ever caught. This is the course that makes you the most dangerous analyst in the room.


After the series

Get Certified

You will be prepared for these certifications

Splunk Core Certified User
Splunk Core Certified Power User
Splunk Enterprise Certified Admin
Splunk Certified Cybersecurity Defense Analyst
Splunk Certified Cybersecurity Defense Engineer

Roles You'll Master

πŸ›‘οΈSOC Analyst

Monitor alerts, triage incidents, and correlate SIEM events in real time.

πŸ› οΈDetection Engineer

Build Sigma rules, YARA signatures, and custom detection logic.

πŸ”Splunk Analyst

Write advanced SPL queries, build dashboards, and investigate security events.

⚑Elastic Engineer

Deploy and manage Elastic Stack for log ingestion, search, and SIEM workflows.

πŸ›‘οΈSOC Analyst

Monitor alerts, triage incidents, and correlate SIEM events in real time.

πŸ› οΈDetection Engineer

Build Sigma rules, YARA signatures, and custom detection logic.

πŸ”Splunk Analyst

Write advanced SPL queries, build dashboards, and investigate security events.

⚑Elastic Engineer

Deploy and manage Elastic Stack for log ingestion, search, and SIEM workflows.

βš™οΈSplunk Admin

Configure Splunk infrastructure, manage indexes, and optimize search performance.

🧬Threat Hunter

Proactively hunt APTs using KQL, SPL, and behavioral analytics.

🌍Threat Intelligence

Collect, analyze, and operationalize threat intel to strengthen defenses.

πŸ“ŠLog Analyst

Parse and correlate logs from endpoints, firewalls, and proxies.

πŸ–₯️SIEM Engineer

Design, deploy, and manage SIEM platforms to detect and respond to threats at scale.

βš™οΈSplunk Admin

Configure Splunk infrastructure, manage indexes, and optimize search performance.

🧬Threat Hunter

Proactively hunt APTs using KQL, SPL, and behavioral analytics.

🌍Threat Intelligence

Collect, analyze, and operationalize threat intel to strengthen defenses.

πŸ“ŠLog Analyst

Parse and correlate logs from endpoints, firewalls, and proxies.

πŸ–₯️SIEM Engineer

Design, deploy, and manage SIEM platforms to detect and respond to threats at scale.

Why Defcraft

Built for analysts.
By analysts.

Everything you need to master SIEM operations — Splunk and Elastic, in Arabic, from the ground up.

Splunk & Elastic in Arabic

Both platforms. Ground up to advanced. The first time — entirely in Arabic.

Real Hands-On Labs

Real logs. Real environments. Real scenarios. No shortcuts.

Certified Instructors

1,500+ students trained. Government. Banks. Enterprise SOC teams.

Lifetime Access

Enroll once. Access forever. No expiry. No re-subscription.

Everything Included

All materials, logs, and lab environments — completely free with enrollment.

Course Pipeline

Track what we're building, recording, and shipping next.

| Course | Category | Status | Expected |
|---|---|---|---|
| EDR Internals — Research & Development | Blue Team | Released | Jan 2025 |
| Hardware Hacking - Level 2 - UART | Hardware | Released | Dec 2024 |
| SOC Analyst Professional | SOC | Released | Nov 2024 |
| Windows Native API Programming | Development | Released | Oct 2024 |
| Sysinternals Tools Deep Dive 2 | Blue Team | Recording | Q2 2025 |
| DFIR Analyst Professional | DFIR | Coming Soon | Q3 2025 |

◆ JOIN THE COMMUNITY ◆

Your Next Career Move
Starts Here.

1500+ cybersecurity professionals across Saudi Arabia and Egypt chose Defcraft. You're next.