1. Configuring Azure Sentinel: Setting up Azure Sentinel as a cloud-native SIEM posed a challenge, especially in terms of integrating it effectively with the Azure ecosystem and ensuring accurate data flow from the honeypot VM.
2. Extracting Geographical Data: The process of extracting accurate geographical information from IP addresses using PowerShell scripts and a third-party API required meticulous coding and testing to ensure reliable results.
3. Creating and Managing a Virtual Honeypot: Constructing a virtual honeypot that was convincingly vulnerable, yet secure enough to prevent actual compromise, required a careful balance between accessibility and control.