Implementation of an Open Source SOC using the ELK stack, TheHive, Cortex and MISP
Jan 2022 - Feb 2022
SOC Open Source is a project designed for security analysts and the wider SOC audience who want to experiment with an implementation and explore a modern SOC architecture. All of the components are built on open source projects (available at the time of the first commit).
This is Part 1: we show the base of the model with ELK, TheHive, Cortex and MISP, and we ingest some dummy data into ELK. In upcoming episodes we will add more data sources to ELK (Wazuh, Snort, a honeypot) and integrate Atomic Red Team with ELK for attack simulation. We will also show how you can automate your flows with Shuffle. So watch this space!