Found 313 repositories (showing 30)
This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu 22.04 for Wazuh and TheHive, deployed on cloud or VMs. Goals: automate event collection, alerting, and incident response to enhance SOC efficiency.
Ayanoh
Enterprise SOC Lab with automated threat detection, SOAR orchestration, and incident response
matthansen0
End-to-end Azure edge security lab: Front Door Premium with WAF, dual-region Container Apps failover, Microsoft Sentinel, SOC automation, and Azure Workbooks. One-click deploy with Bicep + azd.
yvesstan
Security Operation Automation lab Design | Process | & Architecture with a SIEM
Mustangrim
Comprehensive PowerShell training series for cybersecurity professionals and SOC analysts. Hands-on labs covering Windows security administration, incident response automation, and threat hunting techniques.
Manishrawat21
Documented SOC automation workflow using Wazuh, N8N, Caldera, and Velociraptor
kaushal24-ctrl
The SOC Automation Lab is a complete hands-on cybersecurity project designed to simulate real-world Security Operations Center (SOC) monitoring, detection, and response workflows.
chalithah
Fully automated, end-to-end SOC pipeline showcasing proficiency in SOAR (n8n), SIEM (Splunk), and AI Engineering. The workflow automates alert detection, enrichment (VirusTotal/AbuseIPDB), LLM triage (OpenAI/Claude MCP), and creates persistent case management tickets in DFIR-IRIS to drastically reduce MTTR.
110-220V AC Smart Power Outlet Socket LK-EU01
Divyansh121699
This project implements an automated Security Operations Center (SOC) workflow using on-premise VMs and open-source tools: Wazuh, TheHive, and Shuffle. It detects, analyzes, and responds to incidents like Mimikatz activity with minimal manual effort, enhancing SOC efficiency and streamlining operations.
ShyamKrishna122
This is a project for socks card label validation, where a socks card is validated by comparing it with the correct socks card whose coordinates are stored in the database. When the test socks card is compared with the correct socks card (master socks card), the software checks whether the test and master socks cards match or not.
darvinpatel
This repository contains automation scripts and configurations for Security Operations Centers (SOC). It includes tools for incident response, log management, and security alerting, aimed at streamlining SOC workflows and enhancing security event monitoring and management.
Vandit26
No description available
kishore-bairi-cyber
Automation lab for LLM-powered SOC operations: alert triage, SOAR playbooks, decision logic, and remediation flows built from real detection use cases.
SecEngineerX
SOC Analyst · Cloud Security (AWS) · Red Team Labs · Automation Portfolio
kscheran93
Security Operations Center (SOC) automation project (home lab). Explore how automation enhances incident response, accelerates threat detection, and streamlines SOC workflows. Dive into the details of this hands-on, budget-friendly project (home lab) and empower your cybersecurity arsenal.
awadhesh8994
Beginner-friendly Cyber Security Lab combining SOC & VAPT practice using Docker, DVWA, Juice Shop, Nmap, and Burp Suite. Includes PoC reports, automation scripts, and screenshots for real-world learning.
MrGolbez
Lab walkthrough of my SOC Automation Lab
Balaji77028
Automated SOC lab
Anmolsingh2002
This project focuses on automating Security Operations Center (SOC) tasks using SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms. The goal is to enhance threat detection, streamline incident response, and reduce manual workload through intelligent automation and integration.
jettkoppel-dev
No description available
pwrod
A hands-on Security Operations Center (SOC) lab designed to simulate real-world detection, alerting, enrichment, and automation workflows. This project integrates Wazuh, Sysmon, TheHive, Shuffle SOAR, and the VirusTotal API to create a fully functional automated incident response pipeline.
dybson3
SOAR Lab made with the usage of Shuffle, TheHive and Wazuh.
santosh-cherukula
No description available
Danieltrof
My SOC Automation Lab using Wazuh (SIEM & XDR), TheHive (Case Management), Shuffle (SOAR Capabilities)
hansleonp
No description available
29Ra7jn8iSu0th0ar
I developed SentinelTriage, an automated SOC Detection & Response engine designed to streamline the investigation of network-based threats like SSH brute-force attacks. The system integrates a custom Python-based log parser with the VirusTotal API to automate threat intelligence enrichment, effectively reducing manual investigation 'toil' by 90%. B
Kathan0920
I am starting a 5-day SOC Automation Lab project guided by the MyDFIR YouTube channel
julygregory
This home-lab demonstrates an end-to-end SOC automation pipeline using Wazuh, Shuffle (SOAR), VirusTotal, TheHive, and Active Response.
NeethuJojiGeorge
No description available