Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
Updated Aug 31, 2025 - Java
Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam prep and skill-building in blue team operations.
The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.
This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu 22.04 for Wazuh and TheHive, deployed on cloud or VMs. Goals: automate event collection, alerting, and incident response to enhance SOC efficiency.
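The glue between the three tools above is the step a Shuffle workflow performs on every alert: take the Wazuh alert JSON and turn it into a TheHive alert body. The block below is an added example of that mapping and is not code from the listed project. The Wazuh alert is constructed; the Wazuh alerts.json field names (rule.level, rule.mitre, data.win.eventdata) and the TheHive 4 alert fields (POST /api/alert with sourceRef, severity, artifacts) are stated from memory and should be checked against the versions you deploy.

```python
"""Added example, not code from the listed project: convert one Wazuh alert into
the JSON body of a TheHive 4 alert, the transformation a Shuffle workflow does
between the two tools. Field names are assumptions about Wazuh alerts.json and
TheHive's /api/alert; verify them against your versions."""
import hashlib
import json

# Constructed Wazuh alert for a Sysmon Event ID 1 (process creation) from the
# Windows 10 agent. Rule id, level and MITRE mapping are illustrative values.
SAMPLE_WAZUH_ALERT = {
    "timestamp": "2025-08-31T10:15:42.000+0000",
    "rule": {
        "id": "100200",
        "level": 12,
        "description": "Credential dumping tool executed",
        "mitre": {"id": ["T1003"], "tactic": ["Credential Access"]},
    },
    "agent": {"id": "001", "name": "WIN10-CLIENT"},
    "data": {
        "win": {
            "eventdata": {
                "image": "C:\\Users\\analyst\\Downloads\\mimikatz.exe",
                "commandLine": "mimikatz.exe \"sekurlsa::logonpasswords\"",
                "user": "WIN10-CLIENT\\analyst",
                "hashes": "SHA256=31EB1DE7E840A342FD468E558E5AB627BCC4F9842B5A4E1E3B0B7D0E6D3A6A5E",
            }
        }
    },
}


def wazuh_level_to_severity(level: int) -> int:
    """Map a Wazuh rule level (0-15) onto TheHive severity (1 low .. 4 critical)."""
    if level >= 12:
        return 4
    if level >= 9:
        return 3
    if level >= 5:
        return 2
    return 1


def extract_observables(alert: dict) -> list:
    """Turn the Sysmon eventdata into TheHive artifacts so the analyst gets
    pivotable observables instead of a blob of text."""
    ev = alert.get("data", {}).get("win", {}).get("eventdata", {})
    observables = []
    if ev.get("image"):
        observables.append({"dataType": "filename", "data": ev["image"]})
    if ev.get("commandLine"):
        observables.append({"dataType": "other", "data": ev["commandLine"], "tags": ["command-line"]})
    # Sysmon packs hashes as "SHA1=..,MD5=..,SHA256=.."; split and keep each digest.
    for part in ev.get("hashes", "").split(","):
        if "=" in part:
            algo, digest = part.split("=", 1)
            observables.append({"dataType": "hash", "data": digest.lower(), "tags": [algo.lower()]})
    return observables


def build_thehive_alert(alert: dict) -> dict:
    """Build the TheHive alert body. sourceRef is derived deterministically from
    the event so that a retried Shuffle run does not open a second alert."""
    rule, agent = alert["rule"], alert["agent"]
    source_ref = hashlib.sha256(
        f"{agent['id']}|{rule['id']}|{alert['timestamp']}".encode()
    ).hexdigest()[:16]
    mitre = rule.get("mitre", {})
    tags = [f"wazuh-rule:{rule['id']}", f"agent:{agent['name']}"]
    tags += [f"attack:{t}" for t in mitre.get("id", [])]
    description = "\n".join([
        f"**Rule** {rule['id']} (level {rule['level']}): {rule['description']}",
        f"**Agent** {agent['name']} ({agent['id']})",
        f"**ATT&CK** {', '.join(mitre.get('id', [])) or 'n/a'} / {', '.join(mitre.get('tactic', [])) or 'n/a'}",
        f"**Raw event** {json.dumps(alert.get('data', {}))}",
    ])
    return {
        "type": "wazuh",
        "source": "wazuh",
        "sourceRef": source_ref,
        "title": f"[{agent['name']}] {rule['description']}",
        "description": description,
        "severity": wazuh_level_to_severity(rule["level"]),
        "tlp": 2,
        "tags": tags,
        "artifacts": extract_observables(alert),
    }


if __name__ == "__main__":
    print(json.dumps(build_thehive_alert(SAMPLE_WAZUH_ALERT), indent=2))
```

The deterministic sourceRef is the detail worth copying: Shuffle retries and Wazuh re-delivery otherwise produce duplicate alerts, and TheHive rejects a second alert with the same (source, sourceRef) pair instead of opening a new one.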
Threat Intelligence Analysis workflows built with n8n and integrated into Security Onion
Built a mini HoneyNet in Azure and ingested log sources from various resources into a Log Analytics workspace
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
The "Let's-defend-solution" directory contains the creator's answers to all paths of the Let's Defend platform, saved 8 months ago. Others can use these answers to learn and practice their cybersecurity skills.
PythonSOCModules: Elevate your Security Operations Center (SOC) with Python's Paramiko, Requests, PyShark, Scapy, Matplotlib, and Seaborn modules. Strengthen security monitoring, incident detection, and response.
A log-based Threat Hunting tool
Ultimate Cybersecurity Roadmap (2025 Edition) | Beginner to Advanced Guide | Learn Ethical Hacking, SOC Analysis, Threat Hunting, Incident Response, and More by Shaikh Minhaj (Cyber With Minhaj)
A fully isolated, multi-VLAN Cybersecurity SOC Simulation Lab integrating pfSense firewall, Wazuh SIEM, Snort IDS/IPS, and target machines for realistic attack detection, log analysis, and threat simulation — designed to showcase professional detection engineering and network defense capabilities.
The Security Maturity Project Tracking Matrix helps organizations evaluate and enhance their security capabilities across multiple domains. It provides a structured framework to track progress, streamline processes, and achieve security maturity goals effectively.
A Security Operations Center (SOC) built from open-source tools
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Welcome to the Cybersecurity Questions and Answers Repository! This project aims to create a comprehensive collection of questions and answers related to various cybersecurity topics. Whether you’re a beginner looking to learn or a seasoned professional wanting to share your knowledge, this repo is the perfect place for you.
This project is about an open-source SOC solution.
Implemented a miniature HoneyNet on Azure, integrating log sources from diverse resources into a Log Analytics workspace.
A comprehensive SOC Analyst project that includes detection rules, attack simulations, automated responses, and SIEM configuration.
It checks "www.zone-h.org/archive" for your domains; if any of your assets appear in the list, it sends the log to your Telegram or Bale group.
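The part of such a monitor that is easy to get wrong is the matching: a substring test on the domain name reports notexample.com and example.com.evil.net as yours, and an archive listed twice alerts twice. The block below is an added example of the matching and alerting step, not the listed tool's code. Archive entries are given as already extracted (notifier, URL) pairs constructed for the example; the real archive page layout is not assumed. The Telegram part only builds the Bot API sendMessage request, so the block runs offline; the monitored domains, the bot token and chat id are placeholders.

```python
"""Added example, not the listed tool's code: match defacement-archive entries
against the domains you own on a label boundary, report each page once across
runs, and build (without sending) the Telegram Bot API sendMessage request.
All sample data is constructed."""
from urllib.parse import urlsplit

# Domains you own (constructed). List registrable domains; subdomains match automatically.
MONITORED_DOMAINS = {"example.com", "corp-example.org"}

# Constructed archive rows: (notifier handle, defaced URL as listed in the archive).
SAMPLE_ARCHIVE = [
    ("crew1", "http://shop.example.com/index.php"),
    ("crew1", "http://notexample.com/"),           # substring trap: must not match
    ("crew2", "https://corp-example.org"),
    ("crew3", "http://example.com.evil.net/x"),    # prefix trap: must not match
    ("crew2", "https://corp-example.org/"),        # same page listed twice
    ("crew4", "example.com/old.html"),             # archive entries often lack a scheme
]


def normalise(url: str) -> tuple:
    """Return (hostname, path) in a canonical form used for matching and dedup."""
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    path = parts.path.rstrip("/") or "/"
    return host, path


def owned_domain(host: str, monitored: set):
    """Return the monitored domain that host equals or is a subdomain of, else None.
    Comparing on the label boundary rejects notexample.com and example.com.evil.net."""
    for domain in monitored:
        if host == domain or host.endswith("." + domain):
            return domain
    return None


def find_hits(entries, monitored: set, seen: set) -> list:
    """Return new hits for our domains. `seen` is persisted by the caller between
    runs so that each defaced page is reported once."""
    hits = []
    for notifier, url in entries:
        host, path = normalise(url)
        domain = owned_domain(host, monitored)
        if domain is None or (host, path) in seen:
            continue
        seen.add((host, path))
        hits.append({"domain": domain, "host": host, "url": url, "notifier": notifier})
    return hits


def format_alert(hits: list) -> str:
    """Plain-text group message, kept under Telegram's 4096-character message limit."""
    word = "entry" if len(hits) == 1 else "entries"
    lines = [f"Defacement archive: {len(hits)} new {word} for monitored domains"]
    for h in hits:
        lines.append(f"- {h['host']} ({h['domain']}) by {h['notifier']}: {h['url']}")
    text = "\n".join(lines)
    return text if len(text) <= 4096 else text[:4090] + "\n[...]"


def telegram_request(bot_token: str, chat_id: str, text: str) -> tuple:
    """Endpoint and JSON body for the Bot API sendMessage method. The token is part
    of the URL, so never write the URL to logs."""
    url = f"https://api.telegram.org/bot{bot_token}/sendMessage"
    return url, {"chat_id": chat_id, "text": text, "disable_web_page_preview": True}


if __name__ == "__main__":
    state = set()  # in a real run, load and save this between invocations
    print(format_alert(find_hits(SAMPLE_ARCHIVE, MONITORED_DOMAINS, state)))
```

Disabling link previews matters for this use: the message contains the defaced URL, and a preview would make the chat client fetch the attacker-controlled page.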