Wazuh served as the backbone for log collection, intrusion detection, and security monitoring, providing real-time insights into potential threats. TheHive streamlined incident response by offering a centralized platform for case management, while Cortex enhanced analysis through automated enrichment of security alerts. To tie everything together, Shuffle automated workflows, reducing manual effort and improving response times.

This project was a hands-on dive into SOC implementation, covering everything from tool integration to fine-tuning automation for better efficiency. The result? A powerful, cost-effective security framework that showcases how open-source solutions can rival enterprise SOCs in capability and effectiveness.