Homelab Pt 10 - Open-Source EDR with Wazuh
Introduction In this post I’ll walk through the process of deploying Wazuh, an open-source endpoint detection & response (EDR) solution, within my home environment. I’ve currently got Suricata ...
Introduction In this post I’ll walk through standing up n8n, an open-source automation platform that will serve as the SOAR for my environment. n8n will allow me to automatically enrich findings t...
Introduction In this post I’ll be standing up and configuring DFIR IRIS, an open-source incident response platform. This platform will allow me to open, triage, and document incidents that occur wi...
Introduction In this post, I’ll be deploying Suricata within my network. Suricata, in my use-case, will serve as an IDS/IPS running at the firewall level. I am running OPNsense as the open-source f...
Introduction Throughout the process of building out my homelab, I’ve exposed SSH internally on various endpoints in order to easily manage them from my personal endpoint. So far, I’ve allowed for a...
Introduction In this post I’ll walk through the process of sending logs from my Pi-hole DNS server to my SIEM (Graylog). With my current setup I have every VLAN in my network configured with i...
Introduction In this post I’ll walk through the process of standing up a Graylog instance within my homelab. Graylog is an open-source SIEM that I will use for log aggregation, analysis, and manage...
Introduction In this post I will walk through setting up Pi-hole & Unbound in my home network. These two services will work together to act as the primary DNS server for my home network. Once c...
Introduction Today, I’ll walk through the process of segmenting the network I set up in my last post. I’ll be doing this by using OPNsense to create usage-specific VLANs. This will allow me to limit...
Introduction This is the first entry in what I plan to be a long-running series of blog posts documenting my efforts to build out my security-focused home network. My aim is to develop my securit...