{"id":23145912,"url":"https://github.com/wagov/wasocshared","last_synced_at":"2025-08-17T16:31:51.088Z","repository":{"id":172928732,"uuid":"558912687","full_name":"wagov/wasocshared","owner":"wagov","description":"WA Cyber Security Unit (DGOV Technical) site","archived":false,"fork":false,"pushed_at":"2024-10-30T06:02:36.000Z","size":33289,"stargazers_count":28,"open_issues_count":13,"forks_count":34,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-10-30T06:24:33.345Z","etag":null,"topics":["mkdocs-site","security"],"latest_commit_sha":null,"homepage":"https://soc.cyber.wa.gov.au/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wagov.png","metadata":{"files":{"readme":"docs/README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-28T15:23:36.000Z","updated_at":"2024-10-30T06:02:39.000Z","dependencies_parsed_at":"2023-12-20T08:13:59.586Z","dependency_job_id":"2bf7a2a9-9f58-419a-bf8c-020195e57517","html_url":"https://github.com/wagov/wasocshared","commit_stats":null,"previous_names":["wagov/wasocshared"],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wagov%2Fwasocshared","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wagov%2Fwasocshared/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wagov%2Fwasocshared/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wagov%2Fwasocshared/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wagov","download_url":"https://codeload.github.com/wagov/wasocshared/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230143653,"owners_count":18180025,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["mkdocs-site","security"],"created_at":"2024-12-17T16:18:52.991Z","updated_at":"2025-08-17T16:31:51.064Z","avatar_url":"https://github.com/wagov.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WA Cyber Security Unit (Office of Digital Government)\n\n[![OpenSSF Scorecard](https://img.shields.io/ossf-scorecard/github.com/wagov/wasocshared.svg?label=openssf%20scorecard)](https://securityscorecards.dev/viewer/?uri=github.com/wagov/wasocshared)\n\nThis site contains technical information to support WA Government Cyber Security activities. Please propose updates directly via the edit link on each page or email [cybersecurity@dpc.wa.gov.au](mailto:cybersecurity@dpc.wa.gov.au) with any feedback. The site is built with [Material for MkDocs (reference)](https://squidfunk.github.io/mkdocs-material/reference/) which includes several [extensions to markdown](https://squidfunk.github.io/mkdocs-material/setup/extensions/) for enhanced technical writing.\n\n!!! tip \"RSS Feeds\"\n\n    If you would like to subscribe to updates for this site please use the [RSS](/rss.xml) or [ATOM](/atom.xml) feeds.\n\n## WA Security Operations Centre (WA SOC)\n\n- [Connecting to the WA SOC](onboarding.md) ([Sentinel Guidance](onboarding/sentinel-guidance.md))\n- [Advisories (TLP:CLEAR)](advisories.md)\n- [Incident Reporting User Guide (Jira)](guidelines/incident-reporting.md)\n- [Threat Hunting (MITRE ATT\u0026CK Tactics and Techniques)](guidelines/TTP_Hunt/ttp-detection-guidelines.md)\n- [ACSC Essential Eight Assessment Process Guide](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight/essential-eight-assessment-process-guide)\n\n## Baselines \u0026 Guidelines\n\nBaselines are for use as self-assessment checklists, and guidelines are for general implementation guidance.\n\n!!! abstract \"Baselines\"\n\n    - [Security Operations Baseline](baselines/security-operations.md) - aligned with [MITRE 11 Strategies of a World-Class Cybersecurity Operations Center](pdfs/11-strategies-of-a-world-class-cybersecurity-operations-center.pdf) and [ACSC's Cyber Incident Response Plan Resource](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/publications/cyber-incident-response-plan).\n    - [Detection Coverage Baseline](baselines/data-sources.md) - *[telemetry collection](https://attack.mitre.org/datasources/)* and *[detection analytics](https://attack.mitre.org)* aligned to the [MITRE ATT\u0026CK Framework](https://attack.mitre.org).\n    - [Vulnerability Management Baseline](baselines/vulnerability-management.md) - focused on undertaking operational **Identify** and **Protect** capabilities.\n\n!!! danger \"Critical Infrastructure Entities and Operational Technology\"\n\n    The [CISA Cross-Sector Cybersecurity Performance Goals](https://www.cisa.gov/cross-sector-cybersecurity-performance-goals) are clear targeted recommendations focusing on most common and impactful threats, including cost, complexity and impact ratings against each recommendation. These are highly relevant targets for entities in scope of [SOCI regulatory obligations](https://www.cisc.gov.au/legislative-information-and-reforms/critical-infrastructure/regulatory-obligations).\n\n    \u003ciframe width=\"560\" height=\"315\" src=\"https://www.youtube-nocookie.com/embed/podtgMpjVp4?si=rmJ_tqjca9iQX_in\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen\u003e\u003c/iframe\u003e\n\n!!! tip \"Guidelines\"\n\n    - Supply Chain Risk Management Guideline - Implementation guidance for [ACSC Cyber Supply Chain Risk Management](https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/outsourcing-and-procurement/cyber-supply-chains/cyber-supply-chain-risk-management).\n    - [Guide to Securing Remote Access Software (CISA)](https://www.cisa.gov/resources-tools/resources/guide-securing-remote-access-software) - remote access software overview, including the malicious use of remote access software, detection methods, and recommendations for all organizations.\n    - [#StopRansomware Guide (CISA)](https://www.cisa.gov/resources-tools/resources/stopransomware-guide) - one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover, including step-by-step approaches to address potential attacks.\n    - [Microsoft Sentinel Guidance](onboarding/sentinel-guidance.md) - Implementation guidance for using Sentinel for [ACSC Guidelines for System Monitoring](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-system-monitoring)\n    - [Network Management Guideline](guidelines/network-management.md) - Implementation guidance for [ACSC Network gateway hardening](https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/gateway-hardening/gateway-security-guidance-package-executive-guidance).\n    - [Patch Management Guideline](guidelines/patch-management.md) - Implementation guidance for [ACSC Assessing Security Vulnerabilities and Applying Patches](https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-administration/assessing-security-vulnerabilities-and-applying-patches).\n\n## Additional documentation\n\nThe below documents are for general use.\n\n!!! note \"Technical Documentation\"\n\n    - [SOC Analyst Induction](training/analyst-induction.md)\n    - [Collecting Digital Forensic Evidence](guidelines/collecting-evidence.md)\n    - [Cyber Security Playbooks](guidelines/playbooks.md)\n\n{% include 'threat-activity.md' %}\n\n\u003cscript\u003e\n    if (window.location.hash \u0026\u0026 window.location.hash[1] === \"/\") {\n        var location_parts = window.location.hash.slice(1).split(\"?id=\");\n        window.location.hash = '';\n        if (location_parts[1]) {\n            window.location.hash = location_parts[1];\n        }\n        window.location.pathname = window.location.pathname + location_parts[0].replace(\".md\", \"\");\n    }\n\u003c/script\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwagov%2Fwasocshared","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwagov%2Fwasocshared","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwagov%2Fwasocshared/lists"}