Skip to content

bmcda37/IndependentResearch-SIEM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

94 Commits
single-node
single-node
 
 
Caldera README.md
Caldera README.md
 
 
Network Config README.md
Network Config README.md
 
 
README.md
README.md
 
 
UseCase README.md
UseCase README.md
 
 
Wazuh README.md
Wazuh README.md
 
 
XCP-ng README.md
XCP-ng README.md
 
 

Repository files navigation

Independent Research using SIEM technologies and integrations

For my independent research study, I decided to configure a home SIEM lab using Wazuh. I am using the single-node option since I do not need more worker nodes for the volume of agents I will be installing. I leveraged various skills acquired from my undergraduate studies, internships, and personal research to build a comprehensive solution capable of addressing various use case scenarios.

Key proficiencies involved in this project:

  • Linux File System
  • Utilizing tools such as scp, ssh
  • Configuring Docker & Docker Compose configuration, along with managing containers using Portaniner
  • Networking Concepts: Subnetting, Firewall Configuration, Port Forwarding, Virtualization Management
  • Zero Trust Network Architecture

Technologies used within the project:

  • Docker: Employed Docker Compose for hosting Wazuh Stack
  • Wazuh Stack: Single-Node configuration consisting of Wazuh Manager, Wazuh Indexer, & Wazuh Dashboard
  • XCP-ng: Server hosting VMs
  • Virtual Machines: Kali Linux & Ubuntu
  • Twingate (ZTNA Solution) for remote access
  • Caldera- Threat simulation
  • pfsense Firewall

About

SIEM Home Lab

Topics

linux docker networking docker-compose wazuh caldera

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published