SOC Home Lab Update—Hands-On Security Operations!


I’ve been making steady progress on my Security Operations Center (SOC) home lab, implementing key security components to enhance threat detection and log analysis. Here’s what I’ve set up so far:

  • SIEM with Wazuh: Deployed Wazuh on my Ubuntu server for real-time log collection, security monitoring, and threat detection.
  • Install Wazuh:
    # Import the Wazuh package-signing key and add the 4.x apt repository.
    # Note: apt-key is deprecated on recent Ubuntu releases; the current Wazuh docs
    # import the key into /usr/share/keyrings and reference it with [signed-by=...].
    curl -sO https://packages.wazuh.com/key/GPG-KEY-WAZUH
    sudo apt-key add GPG-KEY-WAZUH
    echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | sudo tee /etc/apt/sources.list.d/wazuh.list
    sudo apt update
    sudo apt install wazuh-manager
    # Register, enable and start the manager service.
    sudo systemctl daemon-reload
    sudo systemctl enable wazuh-manager
    sudo systemctl start wazuh-manager
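    As an added example (not part of this post or of the Wazuh project): a small Python script that triages the alerts.json the manager writes under /var/ossec/logs/alerts/, counting alerts per agent and per source IP and listing those at or above level 10. The three embedded alert lines are constructed samples in Wazuh's alert format; pass a real file path to run it against the lab.

```python
import json
import sys
from collections import Counter

# Constructed sample lines in the shape Wazuh writes to alerts.json (one JSON object
# per line). Field names match Wazuh's output; hosts, rule ids and addresses are made up.
SAMPLE_ALERTS = "\n".join(json.dumps(a) for a in [
    {"timestamp": "2024-05-01T10:00:01.000+0000", "agent": {"id": "001", "name": "ubuntu-srv"},
     "rule": {"id": "5710", "level": 5, "description": "sshd: Attempt to login using a non-existent user"},
     "data": {"srcip": "203.0.113.10"}},
    {"timestamp": "2024-05-01T10:00:09.000+0000", "agent": {"id": "001", "name": "ubuntu-srv"},
     "rule": {"id": "5712", "level": 10, "description": "sshd: brute force trying to get access to the system"},
     "data": {"srcip": "203.0.113.10"}},
    {"timestamp": "2024-05-01T10:02:30.000+0000", "agent": {"id": "002", "name": "pfsense-fw"},
     "rule": {"id": "100100", "level": 3, "description": "pfSense: firewall block"},
     "data": {"srcip": "198.51.100.7"}},
])

def parse_alerts(lines):
    """Parse newline-delimited JSON alerts, skipping blank or malformed lines: a
    half-written last line is normal when reading a file the manager is still appending to."""
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            alerts.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return alerts

def triage(alerts, min_level=10):
    """Count alerts per agent and per source IP, and collect those at or above
    min_level (Wazuh levels run 0-15; 10 and above is a common escalation cut-off)."""
    by_agent = Counter(a.get("agent", {}).get("name", "unknown") for a in alerts)
    by_srcip = Counter(a["data"]["srcip"] for a in alerts if a.get("data", {}).get("srcip"))
    escalate = [a for a in alerts if int(a.get("rule", {}).get("level", 0)) >= min_level]
    return {"by_agent": by_agent, "by_srcip": by_srcip, "escalate": escalate}

if __name__ == "__main__":
    # No argument: run on the sample; otherwise pass the path to a real alerts.json.
    lines = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_ALERTS.splitlines()
    report = triage(parse_alerts(lines))
    print("alerts per agent:", dict(report["by_agent"]), "| per source IP:", dict(report["by_srcip"]))
    for a in report["escalate"]:
        print(f"ESCALATE {a['timestamp']} level={a['rule']['level']} agent={a['agent']['name']} "
              f"src={a.get('data', {}).get('srcip', '-')}: {a['rule']['description']}")
```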
    

  • Network Security with pfSense: Configured pfSense as my firewall, managing network traffic and securing my lab environment.

  • Basic pfSense setup:
    Access the pfSense web interface (default IP: 192.168.1.1).
    Configure the LAN/WAN interfaces and firewall rules via the GUI.