11 results for “topic:securityoperationscenter”
Threat-informed defense for cloud-native: reference implementation of a so-called Honeycluster. The detection capabilities can also be used as a SOC.
SOC Compass continuously maintains your current and target SOC Operating Model (TSOM), aligning evidence and criteria to common frameworks such as SOC-CMM, MITRE Inform and SIM3.
This repository holds complete step-by-step documentation of the creation of a Security Operations Center (SOC) home lab.
An open-source, ready-to-use SOC in a Dockerized environment.
This detection engineering repo is for the Detection as Code CI/CD pipeline
A hands-on SOC Automation Lab built using Wazuh, TheHive, Cortex, and ELK. Demonstrates real-time threat detection, alert forwarding, and automated incident response in a simulated enterprise environment.
Cybersecurity lab demonstrating MITRE ATT&CK T1110 brute force attack simulation using Kali Linux and Hydra. Includes reconnaissance, attack execution, IoC analysis, and SOC defense strategies with Fail2Ban and 2FA implementation.
Multi-module phishing website detection tool
SOC Projects | Web Security | Networking
Robotic security operations with more than just dashboards. This goes into dispatching and more. Meant for event / city security ops with experimental robotics to assist. Code sanitized as much as possible while still showing a demo.
Python script that reads mock security logs, detects suspicious patterns (e.g., brute force, failed logins, blacklisted IPs), and raises alerts.