An alternative approach explored in this lab is the zero-trust model, where all resources require credentials and communication channels are encrypted. The lab involves designing a cloud-based system to scale client-facing servers using Docker containers, provisioning machines from various cloud providers, and maintaining a private Docker registry for container images. Initial stages include keeping the registry and persistent storage in-house. Future labs will cover identity and access management and advanced security tools.
- SCAP
- Wazuh
- Docker
- Dia
- vWorkstation
- SecServer
- pfSense
- DockerServer
- DockerRunner (21H2)
Created Cloud architecture diagram via Dia:
Scan machines using SCAP documents & Customize a SCAP profile:
Enable SCAP scans in Wazuh:
Enable SCAP scans in Wazuh:
Enable Docker scans in Wazuh: