https://ittechnetworkk.co.uk/tags/soc/ Recent content in Soc on ittechnetworkk Hugo en-US Mon, 16 Feb 2026 11:10:21 +0100 https://ittechnetworkk.co.uk/posts/wireshark-filters/ Mon, 16 Feb 2026 11:10:21 +0100 https://ittechnetworkk.co.uk/posts/wireshark-filters/ <h2 id="icmp-request-and-reply">ICMP Request and Reply</h2> https://ittechnetworkk.co.uk/posts/wazuh-clamav/ Tue, 20 Jan 2026 10:58:28 +0100 https://ittechnetworkk.co.uk/posts/wazuh-clamav/ <p>This guide will walk you through setting up ClamAV antivirus integrating it with Wazuh for centralized security monitoring. This setup enables automatic malware detection, detailed logging through the Wazuh security platform.</p> https://ittechnetworkk.co.uk/posts/velociraptor-installation/ Mon, 05 Jan 2026 10:46:36 +0100 https://ittechnetworkk.co.uk/posts/velociraptor-installation/ <p>Velociraptor is a powerful digital forensics and incident response (DFIR) platform that allows security teams to collect, monitor, and hunt across endpoints. This guide will walk you through installing both the Velociraptor server and client components.</p> https://ittechnetworkk.co.uk/posts/a-honeypot-research/ Sun, 16 Nov 2025 21:30:48 +0100 https://ittechnetworkk.co.uk/posts/a-honeypot-research/ <p>Hi everyone! In this article, I would like to share my latest research about a script I&rsquo;ve recently observed on my honeypot project.</p> https://ittechnetworkk.co.uk/posts/beelzebub-dashboard/ Tue, 11 Nov 2025 17:22:34 +0100 https://ittechnetworkk.co.uk/posts/beelzebub-dashboard/ <p>Hi everyone, in this article I would like to introduce you to my new project about visualizing <a href="https://github.com/mariocandela/beelzebub">Beelzebub</a> logs, which is an AI-supported open-source honeypot solution that I modified slightly to achieve higher efficiency.</p> https://ittechnetworkk.co.uk/posts/wazuh-fail2ban/ Fri, 07 Nov 2025 17:17:44 +0100 https://ittechnetworkk.co.uk/posts/wazuh-fail2ban/ <p>Hi everyone! In this article I’ll walk you through installing and configuring Fail2Ban and then show you how to integrate it with Wazuh.</p> https://ittechnetworkk.co.uk/posts/wazuh-suricata/ Fri, 07 Nov 2025 17:06:01 +0100 https://ittechnetworkk.co.uk/posts/wazuh-suricata/ <p>Hi everyone! In this article I will walk you through installing Suricata on Ubuntu 24.04 and integrating its logs with Wazuh for centralized monitoring.</p> https://ittechnetworkk.co.uk/posts/a-honeypot-story/ Wed, 29 Oct 2025 10:36:54 +0100 https://ittechnetworkk.co.uk/posts/a-honeypot-story/ <p>Hi everyone. In this article, I&rsquo;ll walk you through my research on an AI-powered honeypot project that I deployed in the cloud to observe various attacker Tactic and Technics.</p> https://ittechnetworkk.co.uk/posts/splunk-installation/ Thu, 02 Oct 2025 23:09:17 +0200 https://ittechnetworkk.co.uk/posts/splunk-installation/ <p>Hi everyone, in this article I will guide you how to install Splunk Enterprise on Linux server and Universal Forwarder on Ubuntu Client.</p> https://ittechnetworkk.co.uk/posts/yara-rules/ Sun, 31 Aug 2025 04:14:34 +0200 https://ittechnetworkk.co.uk/posts/yara-rules/ <p>Hi everyone! In this article, I&rsquo;d like to introduce you to YARA rules, which are powerful detection rules widely used in cybersecurity to identify malware and other suspicious patterns.</p> https://ittechnetworkk.co.uk/posts/windows-logon-types/ Sun, 31 Aug 2025 04:04:25 +0200 https://ittechnetworkk.co.uk/posts/windows-logon-types/ <p>Hi everyone,</p> https://ittechnetworkk.co.uk/posts/soc-setup/ Sun, 17 Aug 2025 15:38:38 +0200 https://ittechnetworkk.co.uk/posts/soc-setup/ <p>Hi everyone! In this article, I will take you through my Security Operation Center environment on Hetzner, which is a German company that provides web hosting services and data centers.</p> https://ittechnetworkk.co.uk/posts/fortigate-wazuh-integration/ Sat, 19 Jul 2025 15:26:52 +0200 https://ittechnetworkk.co.uk/posts/fortigate-wazuh-integration/ <p>Hi everyone, in this article I will guide you through how to integrate Fortigate firewall with the Wazuh SIEM tool for centralized logging and monitoring.</p>