In Episode 11 of our cyber security virtual lab building series, we are going to integrate Cortex and MISP with TheHive, bringing our Security Operations Center (SOC) one step closer to our goal of implementing Security Orchestration, Automation and Response (SOAR) within our SOC. To recap, TheHive is a security incident response platform (SIRP), and…
Category: Blue Team/Defensive
TheHive, Cortex & MISP Installation Using Docker Compose: Ep10
In Episode 10 of our cyber security virtual lab building series, we are going to install TheHive, Cortex and MISP using Docker containers by leveraging the Docker Compose tool and using .YAML to define our deployment. To recap, TheHive is a security incident response platform (SIRP) used by cyber security professionals to manage and track…
Wazuh SIEM & XDR Agent Installation – Virtual Lab Building Series: Ep9
In Episode 9 of our cyber security virtual lab building series, we are going to install and explore the Wazuh Security Platform which is a SIEM (Security Incident & Event Management) platform, as well as its Linux and Windows XDR/EDR agents. In this lab we will look at how to deploy the prebuilt Wazuh OVA…
Intro to Cyber Security Operations (SOC) – Blue vs Red Team – Virtual Lab Building Series: Ep8
In Episode 8 of our cyber security virtual lab building series, we set the stage and some future goals as to where we are heading with this series. We briefly recap the first 7 videos, showcasing OPNSense, and introduce both blue team and red team cyber security operations into our lab. For our cybersecurity blue…
OPNSense – Unlock Next-Generation Firewall features with Zenarmor – Virtual Lab Building Series: Ep7
In episode 7 of our cyber security virtual lab building series, we continue with our OPNSense firewall configuration and learn how to unlock and set up Next-Generation Firewall (NGFW) features using Sunny Valley Networks Zenarmor (Sensei) plugins. We will explore the various dashboards and policies on offer and discuss Zenarmor's features and use cases. By the…
OPNSense Firewall Multi-WAN Failover and Load Balancing – Virtual Lab Building Series: Ep 6
In episode 6 of our cyber security virtual lab building series, we continue with our OPNSense firewall configuration and configure the Multi-WAN failover and Load Balancing features to create redundant paths to the internet. We will cover the VirtualBox network adapter configurations, set up gateway monitor and groups as well as modify some firewall and DNS…
OPNSense Firewall High Availability (HA), CARP, pfSync Config – Virtual Lab Building Series: Ep 5
In episode 5 of our cyber security virtual lab building series, we continue with our OPNSense firewall configuration and configure the High Availability (HA), CARP and pfSync features to create a redundant firewall cluster setup. We will explore the master and backup firewall configs, set up virtual IPs, configure pfSync, firewall rules and outbound NAT. By…
OPNsense Web Filtering/Proxy Configuration – Virtual Lab Building Series: Ep4
In episode 4 of our cyber security virtual lab building series, we continue with our OPNsense firewall configuration and configure the transparent proxy and web filtering features. We will also look at how to set up a blacklist and use it to prevent users from accessing social networking websites in this demo. By the end of this…
Suricata IDS/IPS Installation on OPNsense – Virtual Lab Building Series: Ep3
In episode 3 of our cyber security virtual lab building series, we continue with our OPNsense firewall configuration and install the IDS/IPS features based on Suricata. We will look at the Emerging Threat rule sets including their pro telemetry provided by ProofPoint, and even learn how to write our own Suricata rules from scratch. I…
OPNsense Firewall Installation – Virtual Lab Building Series: Ep2
This is episode 2 of the Cyber Security virtual lab building series where we look at how to install the OPNsense firewall in VirtualBox as well as some basic interface and IP address configurations. By the end of this video you will have a fully functional lab firewall that you can access via its Web…