Skip to content
This repository has been archived by the owner on Apr 2, 2023. It is now read-only.
/ 2019-DC-DFIR Public archive
forked from filiplinjo/Group116

2019 Bachelor student project: An implementation of multiple security platforms with automatic deployment,that requires little to no configuration to make functional. Resulting in a set of operational security collaboration tools fit for a Security Operation Center. Thesis: https://hdl.handle.net/11250/2976415

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

NTNUSecurity/2019-DC-DFIR

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
MISPSetup.yml
MISPSetup.yml
 
 
MISP_finalChanges.yml
MISP_finalChanges.yml
 
 
MISP_playbook.yml
MISP_playbook.yml
 
 
README.md
README.md
 
 
activemq.yml
activemq.yml
 
 
ansible.cfg
ansible.cfg
 
 
application.properties
application.properties
 
 
autopsy-playbook.yml
autopsy-playbook.yml
 
 
elasticSearch-playbook.yml
elasticSearch-playbook.yml
 
 
elasticsearch.yml
elasticsearch.yml
 
 
ghidra-playbook.yml
ghidra-playbook.yml
 
 
ghidraSetup.yml
ghidraSetup.yml
 
 
hosts
hosts
 
 
kube-dependencies.yml
kube-dependencies.yml
 
 
main.yml
main.yml
 
 
mariadb-playbook.yml
mariadb-playbook.yml
 
 
master-cluster.yml
master-cluster.yml
 
 
nfs-playbook.yml
nfs-playbook.yml
 
 
non-root-user.yml
non-root-user.yml
 
 
postsql-playbook.yml
postsql-playbook.yml
 
 
server.conf
server.conf
 
 
solr.yml
solr.yml
 
 
theHive-playbook.yml
theHive-playbook.yml
 
 
theHiveSetup3.yml
theHiveSetup3.yml
 
 
workers-cluster.yml
workers-cluster.yml
 
 

Repository files navigation

2019 Distributed collaborative analytics environment for Digital Forensics and Incident Response

An implementation of multiple security platforms with automatic deployment, that requires little to no configuration to make functional. Resulting in a set of operational security collaboration tools fit for a Security Operation Center (SOC). The environment runs in OpenStack instances, and includes configuration and deployment of Ansible, Kubernetes, Docker, TheHive, Ghidra SRE, MISP, Autopsy, ElasticSearch, MariaDB, Solr, ActiveMQ, and NFS.

The platform is written as Infrastructure as Code (IaC) to simplify configuration and deployment of all the services mentioned above. The result is a platform which makes it easier to implement, manage, and scale security tools.

Thesis location (Norwegian): https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/2976415

About

2019 Bachelor student project: An implementation of multiple security platforms with automatic deployment,that requires little to no configuration to make functional. Resulting in a set of operational security collaboration tools fit for a Security Operation Center. Thesis: https://hdl.handle.net/11250/2976415

Topics

ansible elasticsearch misp autopsy thehive-project ghidra

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository