Overview
Explore an experimental integration of Security Onion with automation and response tools in this 32-minute video from 2021. Learn about the SOARLab project, which combines Security Onion, n8n, TheHive, and Velociraptor for zero-cost detection and response orchestration. Discover the setup process and configuration details, with the final workflow demonstration starting at 25:45. Be aware that this integration is no longer valid for modern Security Onion versions and is unsupported. Download Security Onion, access the SOARLab GitHub repository, and find links to documentation, training, and hardware appliances. For Security Onion-specific questions, visit the official discussion forum at securityonion.net/discuss.
Syllabus
SOARLab - Security Onion + Automation + Response Lab including n8n and Velociraptor
Taught by
Security Onion