bsard99/SOC-Automation-Homelab
GitHub: bsard99/SOC-Automation-Homelab
SOC automation security homelab implementing end-to-end security incident response.
Stars: 1 | Forks: 0
## Architecture Diagram and Workflow
```
graph TD
%% Define Styles
classDef endpoint fill:#1b2a4a,stroke:#00a8cc,stroke-width:2px,color:#fff;
classDef siem fill:#0c7b93,stroke:#00a8cc,stroke-width:2px,color:#fff;
classDef soar fill:#27496d,stroke:#00a8cc,stroke-width:2px,color:#fff;
classDef tool fill:#142834,stroke:#4b6584,stroke-width:1px,color:#d1d8e0;
%% Nodes
Win[Windows 11 Target]:::endpoint
WazAgent[Wazuh Agent]:::endpoint
WazMgr[Wazuh Manager Server]:::siem
Shuffle[Shuffle SOAR Platform]:::soar
VT[VirusTotal API<br/>Hash Enrichment]:::tool
TheHive[TheHive Server<br/>Auto-Case Creation]:::tool
Email[Analyst Email<br/>Immediate Notification]:::tool
%% Connections
Win -->|Sysmon Logs| WazAgent
WazAgent -->|Secure Tunnel| WazMgr
WazMgr -->|Webhook Alert JSON| Shuffle
Shuffle -->|1. API Check| VT
Shuffle -->|2. API Poster| TheHive
Shuffle -->|3. SMTP Relay| Email
```

## Demo

[Watch the SOC automation demo](https://www.youtube.com/watch?v=41O4c81t-5U)
Tags: Ask search, CIDR lookup, Shuffle, SMTP, SOAR platform, Sysmon, TheHive, VirusTotal, Wazuh, Webhook, force-directed graph, threat intelligence, security operations center, developer tools, ticketing system, endpoint monitoring, network mapping, automated response, request interception, reverse engineering tools, email notification