Introduction to VRV Security

VRV Security, founded in 2020 in Chennai, Tamil Nadu, is a global powerhouse in AI-driven cybersecurity solutions. With a presence in over 12 countries, we have rapidly expanded to protect digital assets for Fortune 500 companies and government organizations. In 2024, our company valuation soared to $400 million, and we continue to set new benchmarks in cybersecurity. We deliver more than 500,000 hours of proactive threat monitoring annually and have secured over 1 million endpoints worldwide. Trusted by over 200 international clients across 5 continents, our expert team ensures unparalleled security and client satisfaction.

What We Do

Our advanced cybersecurity offerings are built on AI and cloud technologies, tailored to protect modern digital infrastructures. Our key services include:

1. AI-Dependent Services and Solutions VAPT: Leveraging artificial intelligence, we perform comprehensive Vulnerability Assessment and Penetration Testing (VAPT) to identify and mitigate threats efficiently.
2. Cloud Infrastructure VAPT: We secure cloud environments by assessing vulnerabilities, ensuring robust defense mechanisms for sensitive data and applications.
3. Threat Monitoring & SOC: Our Security Operations Center (SOC) provides 24/7 threat monitoring, incident response, and real-time analytics to safeguard against evolving cyber threats.
4. Company Infrastructure & Services VAPT: We specialize in protecting complex enterprise infrastructure with tailor-made security strategies to prevent unauthorized access and data breaches.

Our Mission

At VRV Security, our mission is to redefine cybersecurity by delivering adaptive, AI-driven solutions that anticipate and mitigate threats before they materialize. We aim to set the gold standard in proactive threat management and ensure our clients operate in a secure and resilient digital landscape. Our commitment to innovation and excellence has earned us a 95% client retention rate, a testament to our reliable and effective security measures. We strive to continue pushing boundaries and staying at the forefront of global cybersecurity.

Assignment: Log Analysis Script

Objective

The goal of this assignment is to assess your ability to write a Python script that processes log files to extract and analyze key information. This assignment evaluates your proficiency in file handling, string manipulation, and data analysis, which are essential skills for cybersecurity-related programming tasks.

Core Requirements

Your Python script should implement the following functionalities:

1. Count Requests per IP Address:

   • Parse the provided log file to extract all IP addresses.

   • Calculate the number of requests made by each IP address.

   • Sort and display the results in descending order of request counts.

   • Example output:

     IP Address           Request Count
     192.168.1.1          234
     203.0.113.5          187
     10.0.0.2             92
     

2. Identify the Most Frequently Accessed Endpoint:

   • Extract the endpoints (e.g., URLs or resource paths) from the log file.

   • Identify the endpoint accessed the highest number of times.

   • Provide the endpoint name and its access count.

   • Example output:

     Most Frequently Accessed Endpoint:
     /home (Accessed 403 times)
     

3. Detect Suspicious Activity:

   • Identify potential brute force login attempts by:

     • Searching for log entries with failed login attempts (e.g., HTTP status code 401 or a specific failure message like "Invalid credentials").
     • Flagging IP addresses with failed login attempts exceeding a configurable threshold (default: 10 attempts).

   • Display the flagged IP addresses and their failed login counts.

   • Example output:

     Suspicious Activity Detected:
     IP Address           Failed Login Attempts
     192.168.1.100        56
     203.0.113.34         12