Overview
This project is a full-featured Security Operations Center (SOC) that integrates multiple tools to create a robust network monitoring solution. The central component, Wazuh, interacts with various tools such as Cortex for incident response, OpenCTI for threat intelligence, and Infection Monkey for vulnerability assessments. The network also uses NGINX as a reverse proxy, Shuffle for workflow automation, and OpenBAS for security assessments. Each tool is hosted on a separate node in the network, ensuring scalability and modularity.
Features
- Centralized Monitoring: Wazuh acts as the core of the solution, collecting and analyzing data from all connected tools.
- Incident Response: Cortex and TheHive provide automated incident response capabilities.
- Threat Intelligence: OpenCTI integrates threat data into the monitoring system.
- Vulnerability Scanning: Infection Monkey and OpenBAS perform vulnerability assessments and penetration testing.
- Workflow Automation: Shuffle automates workflows for enhanced efficiency.
- Reverse Proxy: NGINX serves as a secure gateway to the network.
Network Diagram
Technologies Used
- Wazuh
- Cortex
- TheHive
- OpenCTI
- Infection Monkey
- OpenBAS
- NGINX
- Shuffle