https://github.com/Esther7171/Wazuh-SOC-Lab
Wazuh detection engineering, SIEM integrations, and SOC automation lab.
blue-team cis-benchmark compliance cyber-security endpoint-security security-compliance security-monitoring server-hardening siem soc soc-automation sysmon threat-detection threat-intelligence virustotal wazuh yara
- Host: GitHub
- URL: https://github.com/Esther7171/Wazuh-SOC-Lab
- Owner: Esther7171
- License: mit
- Created: 2024-11-29T15:50:41.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2026-06-03T07:38:56.000Z (23 days ago)
- Last Synced: 2026-06-03T08:17:20.610Z (23 days ago)
- Topics: blue-team, cis-benchmark, compliance, cyber-security, endpoint-security, security-compliance, security-monitoring, server-hardening, siem, soc, soc-automation, sysmon, threat-detection, threat-intelligence, virustotal, wazuh, yara
- Homepage:
- Size: 13.6 MB
- Stars: 17
- Watchers: 2
- Forks: 7
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-wazuh - Wazuh Complete Guide - Comprehensive Wazuh setup and configuration guide (Guides & Tutorials / General)
README
# Wazuh SOC Lab
Detection Engineering • SIEM • SOC Automation
---
Practical Wazuh engineering focused on threat detection, SIEM integrations, and SOC automation.
---
## Wazuh Installation Guides
- [How to Install Wazuh Single Node in One Click]()
- [How to Install Wazuh on a Public IP Manually]()
- [How to Install Wazuh Using Docker]()
- [How to Configure Wazuh After Installation]()
- [How to Change the Default Wazuh Dashboard Password]()
---
## Wazuh Agent Management
- [How to Enroll Windows Agents]()
- [How to Enroll Linux Agents]()
- [How to Enroll macOS Agents]()
- [How to Upgrade Wazuh Agents Remotely]()
- [How to Add Agent Labels]()
- [How to Configure Centralized Agent Settings]()
---
## Wazuh Dashboard Management
- [How to Rebrand the Wazuh Dashboard]()
- [How to Configure Custom Domain SSL]()
- [How to Change the Wazuh Dashboard Password]()
- [How to Manage Wazuh RBAC Users]()
- [How to Create Wazuh Visualizers]()
---
## Integrations & Threat Detection
### Alert Integrations
- [How to Configure Gmail Alerts]()
- [How to Integrate Slack with Wazuh]()
- [How to Send Wazuh Alerts to Microsoft Teams]()
- [How to Configure Telegram Bot Alerts]()
### Threat Detection
- [How to Integrate VirusTotal with Wazuh]()
- [How to Detect PowerShell Attacks Using Wazuh]()
- [How to Configure YARA with File Integrity Monitoring]()
- [How to Integrate Criminal IP Threat Intelligence]()
### Antivirus and Monitoring
- [How to Integrate Windows Defender]()
- [How to Configure Sysmon for Log Collection]()
- [How to Monitor System Resources with Wazuh]()
---
## Wazuh Server Management
- [How to Restart Wazuh Services Automatically]()
- [How to Monitor Wazuh Server Health]()
- [How to Troubleshoot Wazuh Issues]()
---
## Wazuh Hardening
- [How to Harden the Wazuh Server]()
- [How to Configure SSH Security Banner]()
- [How to Secure the Wazuh Dashboard]()
---
## Wazuh Architecture
- [Wazuh Components Overview]()
- [Wazuh Data Flow Architecture]()
- [Wazuh Cluster Architecture]()
---
## Compliance
- [Wazuh Compliance Overview]()
- [How to Achieve CIS Benchmark Monitoring]()
---
## Features
- Threat Detection
- SIEM Monitoring
- Malware Detection
- SOC Automation
- Dashboard Rebranding
- Threat Intelligence
- File Integrity Monitoring
- Security Alerting