Investigate and analyse logs and security-related events via EDR/XDR and raw logs, using SIEM consoles for investigation. Live disk forensics. TTP-based threat hunting.