In short, just give it access to your alerts.json, default rules, custom rules, archives.json, and magic happens.
Updated May 12, 2026 - JavaScript
Cloud Security & SOC portfolio with AWS labs, SIEM monitoring, and threat analysis. AWS | Wazuh | Splunk | Python
Wazuh is a free, open-source security platform that unifies SIEM and XDR. It is designed to protect endpoints, such as servers, virtual machines, and cloud workloads, by monitoring them for threats.
Community-built Wazuh knowledge base — custom detection rules, SOC simulations, integrations, compliance labs, and Wazuh 5.0 migration guides. Open to all levels.
Wazuh XDR and SIEM Enhancements
This project contains custom LKRG (Linux Kernel Runtime Guard) decoders and rules for Wazuh.
Web UI for tuning Wazuh 4.x `local_internal_options.conf` — generates ready-to-deploy config with matching OS-level hints (sysctl / limits.conf / systemd)
Automated Security Lab Infrastructure. A DevSecOps portfolio project demonstrating modular IaC using OpenTofu/Terraform on Proxmox, featuring automated verification, SIEM deployment, and hardening pipelines.
Enterprise-like home lab for hands-on cybersecurity and infrastructure practice.
SOC Home Lab using Wazuh SIEM for detection and incident response