To continue with the series of Zenarmor SIEM integration guides that I have created over the last few months, today we are going to look at how we can integrate Zenarmor with Datadog. Datadog is slightly different from the previous SIEMs we have covered because it’s the only one that is a SaaS-only solution, meaning…
Category: Cyber Security Lab Building Series
How to Integrate Wazuh & TheHive – Virtual Lab Building Series Ep: 13
Welcome to my channel! In Episode 13 we will continue building our lab Security Operations Center (SOC) and I am going to show you how to integrate Wazuh, our open-source SIEM platform, with TheHive, our security incident response platform (SIRP), so that we can feed alerts into TheHive, allowing analysts to easily filter…
How VirtualBox 7.0 networking works – NAT, NAT Network, Internal Network, Bridged Adapter
In this tutorial, we are going to look at VirtualBox networking modes, where I will explain how the NAT, NAT Network, Internal Network, and Bridged Adapter network modes work and provide examples for each use case. I created this video to supplement my cyber security virtual lab building series because I saw many people…
UPDATED – TheHive, MISP & Cortex Integration – Virtual Lab Building Series: Ep11.5
In Episode 11.5 we briefly recap both episodes 10 and 11 of our cyber security virtual lab building series, where we integrated Cortex and MISP with TheHive bringing our Security Operations Center (SOC). Since those videos were uploaded, there have been a few changes to this lab deployment and this video serves as an update…
How to Integrate Cortex & MISP with TheHive in your SOC
In Episode 11 of our cyber security virtual lab building series, we are going to integrate Cortex and MISP with TheHive bringing our Security Operations Center (SOC) one step closer to our goal of implementing Security Orchestration, Automation and Response (SOAR) within our SOC. To recap, TheHive is a security incident response platform (SIRP), and…
TheHive, Cortex & MISP Installation Using Docker Compose: Ep10
In Episode 10 of our cyber security virtual lab building series, we are going to install TheHive, Cortex and MISP using Docker containers by leveraging the Docker Compose tool and using .YAML to define our deployment. To recap, TheHive is a security incident response platform (SIRP) used by cyber security professionals to manage and track…
Wazuh SIEM & XDR Agent Installation – Virtual Lab Building Series: Ep9
In Episode 9 of our cyber security virtual lab building series, we are going to install and explore the Wazuh Security Platform which is a SIEM (Security Incident & Event Management) platform, as well as its Linux and Windows XDR/EDR agents. In this lab we will look at how to deploy the prebuilt Wazuh OVA…
Intro to Cyber Security Operations (SOC) – Blue vs Red Team – Virtual Lab Building Series: Ep8
In Episode 8 of our cyber security virtual lab building series, we set the stage and some future goals as to where we are heading with this series. We briefly recap the first 7 videos, showcasing OPNSense, and introduce both blue team and red team cyber security operations into our lab. For our cybersecurity blue…
OPNSense – Unlock Next-Generation Firewall features with Zenarmor – Virtual Lab Building Series: Ep7
In Episode 7 of our cyber security virtual lab building series, we continue with our OPNSense firewall configuration and learn how to unlock and set up Next-Generation Firewall (NGFW) features using Sunny Valley Networks' Zenarmor (Sensei) plugins. We will explore the various dashboards and policies on offer and discuss Zenarmor's features and use cases. By the…