pfSense/OPNsense + Elastic Stack

Threat Alert Logic Repository

Manage, monitor and improve your cyber security posture.

Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook

SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab

Repo for Automations and other solutions for Elastic SIEM/Security.

This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM

Open Source data and event driven real time Monitoring and Analytics Platform

A dockerized demo for illustrating how Confluent can be used in a SIEM Modernization use case.

A Siem environment using Guard Duty + Kibana + S3 + ES + Cognito + Kinesis

This repository documents my hands on experience and assignments during the Columbia University Cybersecurity Program. It includes home labs related to network security, penetration testing, and defensive security

This system is a combination of 3 open-source tools that include Zeek for Intrusion Detection System (IDS), StratosphereIPS for the machine learning Process, and ELK Stack for log management and SIEM.

Honeypot with a twist of Red Teaming!

IDS and detections lab infrastructure deployable as docker containers.

pfSense/OPNsense + Elastic Stack

Wazuh is an open-source security information and event management (SIEM) platform. It provides intrusion detection, vulnerability detection, and response capabilities. With active threat intelligence, Wazuh enhances security monitoring and incident response in diverse IT environments.

Student project for SIEM center using ELK stack

Enables real-time control and monitoring of network traffic and system events.

An ELK (Elastic, Logstask, Kibana) stack with TLS Certs for a simple deployment.

Deploy a Wazuh cluster with a hardened (prod. ready) stack on Kubernetes.