Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

A modular, skill-based autonomous Security Operations Center (SOC) agent that monitors OpenSearch/Elasticsearch data, builds RAG-based behavioral memory, and validates real-time anomalies using LLMs.

Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam prep and skill-building in blue team operations.

Ultimate Cybersecurity Roadmap (2025 Edition) | Beginner to Advanced Guide | Learn Ethical Hacking, SOC Analysis, Threat Hunting, Incident Response, and More by Shaikh Minhaj (Cyber With Minhaj)

This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu 22.04 for Wazuh and TheHive, deployed on cloud or VMs. Goals: automate event collection, alerting, and incident response to enhance SOC efficiency.

Threat Intelligence Analysis workflows built with n8n and integrated in SecurityOnion

The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.

EFF-Monitoring是一款以内置 Agent 为核心的安全运营协作平台。平台围绕安全事件全生命周期，提供日志解析、资产关联、AI研判、处置流转、经验沉淀与报告输出等能力，通过证据驱动的分析与协同机制，帮助安全团队快速看懂告警、定位风险、联动上下游、提升处置效率。

Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace

Certified SOC Analyst (CSA) Program - A comprehensive 6-month, hands-on Security Operations Center training curriculum. Developed by Aminu Idris, AMCPN | International Cybersecurity and Digital Forensics Academy (ICDFA)

A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.

The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 months ago. These answers can be used by others who want to learn and practice their skills in cybersecurity.

The Security Maturity Project Tracking Matrix helps organizations evaluate and enhance their security capabilities across multiple domains. It provides a structured framework to track progress, streamline processes, and achieve security maturity goals effectively.

PythonSOCModules: Elevate your Security Operations Center (SOC) with Python's Paramiko, Requests, PyShark, Scapy, Matplotlib, and Seaborn modules. Strengthen security monitoring, incident detection, and response.

A comprehensive SOC Analyst project that includes detection rules, attack simulations, automated responses, and SIEM configuration.

A log-based Threat Hunting tool

A fully isolated, multi-VLAN Cybersecurity SOC Simulation Lab integrating pfSense firewall, Wazuh SIEM, Snort IDS/IPS, and target machines for realistic attack detection, log analysis, and threat simulation — designed to showcase professional detection engineering and network defense capabilities.

Yet another SoC Lab

A Security Operations Center (SOC) created by open source tools

This repository hold a complete step by step documentation of the creation of a Security Operations Center SOC home lab.