Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam prep and skill-building in blue team operations.
This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu 22.04 for Wazuh and TheHive, deployed on cloud or VMs. Goals: automate event collection, alerting, and incident response to enhance SOC efficiency.
The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.
Threat Intelligence Analysis workflows built with n8n and integrated in SecurityOnion
Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace
The Security Maturity Project Tracking Matrix helps organizations evaluate and enhance their security capabilities across multiple domains. It provides a structured framework to track progress, streamline processes, and achieve security maturity goals effectively.
The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 months ago. These answers can be used by others who want to learn and practice their skills in cybersecurity.
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
PythonSOCModules: Elevate your Security Operations Center (SOC) with Python's Paramiko, Requests, PyShark, Scapy, Matplotlib, and Seaborn modules. Strengthen security monitoring, incident detection, and response.
A log-based Threat Hunting tool
Ultimate Cybersecurity Roadmap (2025 Edition) | Beginner to Advanced Guide | Learn Ethical Hacking, SOC Analysis, Threat Hunting, Incident Response, and More by Shaikh Minhaj (Cyber With Minhaj)
Yet another SoC Lab
A fully isolated, multi-VLAN Cybersecurity SOC Simulation Lab integrating pfSense firewall, Wazuh SIEM, Snort IDS/IPS, and target machines for realistic attack detection, log analysis, and threat simulation — designed to showcase professional detection engineering and network defense capabilities.
A Security Operations Center (SOC) created by open source tools
An NLP system for classifying cybersecurity incident descriptions into meaningful event types. Designed to mirror early SOC triage, it transforms unstructured analyst text into structured labels using synthetic SOC-style data, MITRE-aligned patterns, and an uncertainty-aware prediction pipeline.
Welcome to the Cybersecurity Questions and Answers Repository! This project aims to create a comprehensive collection of questions and answers related to various cybersecurity topics. Whether you’re a beginner looking to learn or a seasoned professional wanting to share your knowledge, this repo is the perfect place for you.
A comprehensive SOC Analyst project that includes detection rules, attack simulations, automated responses, and SIEM configuration.
this project is about the open source soc solution
An Email Analysis Tool with threat scoring, and URL/attachment safety checks for detecting phishing and malicious emails.
Add a description, image, and links to the security-operations-center topic page so that developers can more easily learn about it.
To associate your repository with the security-operations-center topic, visit your repo's landing page and select "manage topics."