Back to all projects

Part 1: Planning the Infrastructure

2024-11-30
Samson Otori
Personal Project
Blue Team
Part 1: Planning the Infrastructure

Challenge

Gaining practical experience in SOC tasks like alert management, response actions, and data enrichment using a functional SOAR setup.

Solution

Building a home lab environment from scratch, diagramming the architecture, and planning the deployment of Wazuh, The Hive, and Shuffle for event logging, alert triggering/enrichment, and case management.

Results

  • Planned the SOC lab infrastructure
  • Created a logical flow diagram using Draw.io
  • Outlined the main workflow from event generation to case management
  • Mapped alert flow using color-coded connections

Project Gallery

Detailed SOC Automation Workflow showing connections between Wazuh, Shuffle, TheHive and other components
Blue Team
SIEM
SOAR
Wazuh
The Hive
Shuffle
Windows 10
Draw.io

Continue Reading

PreviousProject 2: SOC Automation Project · Part 2 of 3
Part 2: Infrastructure Setup

Part 2: Infrastructure Setup

Setting up the core infrastructure components for our SOC automation environment including Wazuh, Windows client, and TheHive

Mar 5, 2025

Read previous
NextProject 2: SOC Automation Project · Part 2 of 3
Part 2: Infrastructure Setup

Part 2: Infrastructure Setup

Setting up the core infrastructure components for our SOC automation environment including Wazuh, Windows client, and TheHive

Mar 5, 2025

Read next
Related Projects
Part 3: Generating and Ingesting Telemetry
Blue Team

Part 3: Generating and Ingesting Telemetry

Mar 21Project
Part 2: Infrastructure Setup
Blue Team

Part 2: Infrastructure Setup

Mar 5Project
Project 4.4: Integrating Wazuh SIEM/XDR and Nessus in a Cybersecurity Home Lab
Blue Team

Project 4.4: Integrating Wazuh SIEM/XDR and Nessus in a Cybersecurity Home Lab

Aug 3Project
Oldest Projects
Introduction to the MYDFIR SOC Analyst Challenge
Blue Team

Introduction to the MYDFIR SOC Analyst Challenge

Oct 31Project
Part 1: Foundation, A Logical Network Diagram
Blue Team

Part 1: Foundation, A Logical Network Diagram

Nov 1Project
Part 2: Diving into the ELK Stack
Blue Team

Part 2: Diving into the ELK Stack

Nov 2Project
Newest Projects
Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable
Blue Team

Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable

Nov 21Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)

Nov 17Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)

Nov 17Project
Project Categories
All
57
Cloud
13
Blue Team
39
Red Team
2
Infrastructure
3