SOAR solution for SOC: Configuring a SOAR (Security Orchestration, Automation, and Response) solution for an SOC
-
Deployment and administration of an IT infrastructure. Web server: ApacheWS; Load balancer: HAProxy; DNS: Bind9; Info. Directory server: OpenLDAP; DB server: PostgreSQL; Mail server: Postfix/Dovecot
-
Implementation of security mechanisms at the service and network layers: Malware analysis (ClamAV); IDS/IPS (Suricata); Honeynets (T-Pot); Firewalls (pfSense); VPN (OpenVPN); Monitoring service (Nagios)
-
Deployment of a Security Operation Center (SOC): SIEM (ELK); Vulnerability scanner (Nessus); Threat intelligence platform (MISP); Incident Response (TheHive) & Cortex
-
Integration of orchestration and automation capabilities (PatrOwl)