Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
Updated Jun 19, 2025 - Java
Enhance your cybersecurity skills with comprehensive notes for SOC Analysts. Dive into security operations, incident response, threat hunting, and practical examples to bolster your expertise. Access valuable resources to level up your cybersecurity game on my GitHub repository.
The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.
Threat Intelligence Analysis workflows built with n8n and integrated in SecurityOnion
This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu 22.04 for Wazuh and TheHive, deployed on cloud or VMs. Goals: automate event collection, alerting, and incident response to enhance SOC efficiency.
Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace
The "Let's-defend-solution" directory contains the creator's saved answers to all paths of the Let's Defend platform (saved 8 months ago). Others who want to learn and practice their cybersecurity skills can use these answers as a reference.
A log-based Threat Hunting tool
The Security Maturity Project Tracking Matrix helps organizations evaluate and enhance their security capabilities across multiple domains. It provides a structured framework to track progress, streamline processes, and achieve security maturity goals effectively.
PythonSOCModules: Elevate your Security Operations Center (SOC) with Python's Paramiko, Requests, PyShark, Scapy, Matplotlib, and Seaborn modules. Strengthen security monitoring, incident detection, and response.
Welcome to the Cybersecurity Questions and Answers Repository! This project aims to create a comprehensive collection of questions and answers related to various cybersecurity topics. Whether you’re a beginner looking to learn or a seasoned professional wanting to share your knowledge, this repo is the perfect place for you.
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Implemented a miniature HoneyNet on Azure, integrating log sources from diverse resources into a Log Analytics workspace.
A Security Operations Center (SOC) built from open source tools
This project is about an open source SOC solution.
A comprehensive SOC Analyst project that includes detection rules, attack simulations, automated responses, and SIEM configuration.
Defensive Security Hub: A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts. This repository aims to support your security efforts and enhance your skills. 🌐🔒
Automated email phishing detection and response tool for SOC teams. Extracts IOCs, enriches threat intelligence, and logs incidents from Gmail and IMAP sources. Built for secure, scalable incident response and compliance.
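The core of a phishing triage tool like the one described above is IOC extraction from the raw message: URLs, domains and IPs from the body and the Received chain, hashes of attachments, and a Reply-To/From domain mismatch check, with everything defanged before it lands in a ticket. The following is an added example written for this page, not code from that project; it uses only the Python standard library and runs against the constructed sample message SAMPLE_EML (the hostnames, addresses and attachment bytes are invented for the example).

```python
"""Extract and defang indicators of compromise (IOCs) from a raw RFC 5322 email.

Added example (not the project's own code). Standard library only; the sample
message below is constructed for this demonstration.
"""
import email
import hashlib
import ipaddress
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HASH_RE = re.compile(r"\b(?:[a-f0-9]{64}|[a-f0-9]{40}|[a-f0-9]{32})\b", re.I)

# RFC 1918 ranges are noise in a Received: chain and are dropped. The IETF
# documentation ranges (198.51.100.0/24, 203.0.113.0/24) are deliberately kept
# so the sample below produces output; ipaddress.is_global() would drop them.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: spoofed helpdesk mail with a defanged link, an external
# Reply-To, a routable relay IP in Received: and a fake PE attachment.
SAMPLE_EML = b"""\
Received: from mail.example-relay.test (mail.example-relay.test [203.0.113.10])
\tby mx.victim.test with ESMTP id abc123
Received: from localhost (localhost [127.0.0.1]) by mail.example-relay.test
From: "IT Helpdesk" <helpdesk@victim.test>
Reply-To: support@evil-login.test
To: user@victim.test
Subject: Password expires today
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain; charset="utf-8"

Your password expires today. Reset at hxxp://evil-login[.]test/reset?id=42
or call 198.51.100.7 for help.

--BOUND
Content-Type: application/octet-stream; name="invoice.exe"
Content-Disposition: attachment; filename="invoice.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AAA==
--BOUND--
"""


def refang(text: str) -> str:
    """Undo analyst-style defanging (hxxp, [.]) so the regexes see real values."""
    return re.sub(r"hxxp", "http", text, flags=re.I).replace("[.]", ".").replace("(.)", ".")


def defang(ioc: str) -> str:
    """Make a URL, domain or IP safe to paste into a ticket or chat."""
    return re.sub(r"^http", "hxxp", ioc, flags=re.I).replace(".", "[.]")


def is_routable(ip_str: str) -> bool:
    """True for addresses worth enriching; drops loopback, link-local, RFC 1918."""
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return False
    if ip.is_loopback or ip.is_link_local or ip.is_multicast or ip.is_unspecified:
        return False
    return not any(ip in net for net in NON_ROUTABLE)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def extract_iocs(raw: bytes) -> dict:
    """Parse a raw message and return defanged IOCs plus a header sanity check."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    bodies, attachments = [], []
    for part in msg.walk():
        if part.is_attachment():
            # get_content() base64-decodes the payload for non-text parts.
            attachments.append({"filename": part.get_filename(),
                                "sha256": sha256_hex(part.get_content())})
        elif part.get_content_type() in ("text/plain", "text/html"):
            bodies.append(part.get_content())
    text = refang("\n".join(bodies))
    urls = sorted({u.rstrip(".,;:)") for u in URL_RE.findall(text)})
    domains = sorted({urlparse(u).hostname for u in urls if urlparse(u).hostname})
    received = " ".join(str(h) for h in msg.get_all("Received", []))
    ips = sorted({ip for ip in IPV4_RE.findall(text + " " + received) if is_routable(ip)})
    hashes = sorted({h.lower() for h in HASH_RE.findall(text)})
    from_domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    reply_domain = parseaddr(str(msg.get("Reply-To", "")))[1].rpartition("@")[2].lower()
    return {
        "from_domain": from_domain,
        "reply_to_domain": reply_domain,
        # A Reply-To pointing outside the sender's domain is a classic phishing tell.
        "reply_to_mismatch": bool(reply_domain) and reply_domain != from_domain,
        "urls": [defang(u) for u in urls],
        "domains": [defang(d) for d in domains],
        "ips": [defang(ip) for ip in ips],
        "hashes": hashes,
        "attachments": attachments,
    }


if __name__ == "__main__":
    for key, value in extract_iocs(SAMPLE_EML).items():
        print(f"{key}: {value}")
```

Refanging before extraction matters because users forward already-defanged links from awareness training, and regexes anchored on `http://` would otherwise miss them; defanging on output is what keeps a SOAR ticket or chat message from turning the indicator back into a clickable link.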
This repository showcases how I configured a SOC home lab using VirtualBox, deploying a Windows Server host and a Linux host that forward Sysmon logs via the Splunk Universal Forwarder to a Splunk server. Atomic Red Team is integrated to simulate attack scenarios, generating logs for monitoring and analysis in Splunk for threat detection.