SOC Center Lab – Detection, Monitoring & Digital Forensics (EVE-NG / VMware)

Project Information

  • Category: Cyber Security, Networking, IT
  • Client: College Student
  • Project Date: 15 Apr, 2025 - 11 Sep, 2025
  • Project Source Code URL: View on Github

SOC Center Homelab (Detection, Monitoring & Digital Forensics)

Designed and implemented a SOC homelab within an EVE-NG virtual environment to simulate real-world detection, monitoring, and incident response scenarios. The lab integrates network segmentation, intrusion detection, and centralized log management to evaluate security visibility and response effectiveness through controlled attack simulations.

Tools & Technology Stack

  • VMware Workstation and EVE-NG for virtualization and network emulation
  • pfSense firewall for network segmentation, routing, and traffic monitoring (SPAN)
  • Security Onion for IDS/NSM and deep traffic analysis (Suricata, Zeek, Wazuh, Kibana, Hunt)
  • Splunk Enterprise SIEM with Universal Forwarder and Syslog integration
  • Kali Linux for attack simulation
  • Windows Server (Active Directory Domain Controller) and Windows endpoints

Key Results & Outcomes

  • Reduced threat detection time from not detected at all (no alert raised) to under 2 seconds.
  • Increased visibility by generating multiple correlated security alerts across the SOC stack.
  • Validated early detection, centralized logging, and alert triage through integrated SOC workflows.
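As an added illustration of how the two results above (time to detection, and correlated alerts across tools) can be measured from the lab's own outputs: the snippet below normalises Suricata EVE and Wazuh JSON alert lines into one shape, computes seconds from a known attack start to the first alert naming the attacker, and groups alerts from more than one tool that hit the same source IP inside a short window. It is example code, not part of the project; the log lines, IPs and timestamps are constructed placeholders.

```python
import json
from datetime import datetime, timedelta

# Constructed sample alerts (placeholder IPs and timestamps, not captured from the lab).
SURICATA_EVE = """
{"timestamp":"2025-06-01T10:00:01.250000+0000","event_type":"alert","src_ip":"10.10.20.5","dest_ip":"10.10.10.20","alert":{"signature":"ET SCAN Nmap Scripting Engine User-Agent Detected","severity":2}}
{"timestamp":"2025-06-01T10:00:03.900000+0000","event_type":"flow","src_ip":"10.10.20.5","dest_ip":"10.10.10.20"}
"""
WAZUH_ALERTS = """
{"timestamp":"2025-06-01T10:00:01.800+0000","rule":{"id":"5710","level":5,"description":"sshd: Attempt to login using a non-existent user"},"agent":{"ip":"10.10.10.20"},"data":{"srcip":"10.10.20.5"}}
{"timestamp":"2025-06-01T10:05:00.000+0000","rule":{"id":"5402","level":3,"description":"Successful sudo to ROOT executed"},"agent":{"ip":"10.10.10.30"},"data":{"srcuser":"admin"}}
"""

def parse_ts(s):
    # Both tools emit ISO-8601 with a numeric UTC offset such as "+0000"; %z parses it.
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%S.%f%z")

def normalise(jsonl, source):
    """Turn Suricata EVE or Wazuh JSON lines into a common alert dict shape."""
    out = []
    for line in jsonl.strip().splitlines():
        ev = json.loads(line)
        if source == "suricata":
            if ev.get("event_type") != "alert":  # skip flow/dns/http records, keep only alerts
                continue
            out.append({"ts": parse_ts(ev["timestamp"]), "src": ev["src_ip"], "dst": ev["dest_ip"],
                        "source": source, "desc": ev["alert"]["signature"]})
        else:  # Wazuh: attacker IP is only present when the decoder extracted data.srcip
            out.append({"ts": parse_ts(ev["timestamp"]), "src": ev.get("data", {}).get("srcip"),
                        "dst": ev["agent"]["ip"], "source": source, "desc": ev["rule"]["description"]})
    return sorted(out, key=lambda a: a["ts"])

def detection_latency(attack_start, attacker_ip, alerts):
    """Seconds from attack start to the first alert naming the attacker; None if never detected."""
    hits = [a for a in alerts if a["src"] == attacker_ip and a["ts"] >= attack_start]
    return (hits[0]["ts"] - attack_start).total_seconds() if hits else None

def correlate(alerts, window_s=5):
    """Group alerts by source IP within a sliding window; keep groups seen by more than one tool."""
    groups = []
    for a in alerts:
        if a["src"] is None:  # no attacker IP, nothing to correlate on
            continue
        for g in groups:
            if g["src"] == a["src"] and a["ts"] - g["last"] <= timedelta(seconds=window_s):
                g["alerts"].append(a); g["last"] = a["ts"]; break
        else:
            groups.append({"src": a["src"], "last": a["ts"], "alerts": [a]})
    return [g for g in groups if len({x["source"] for x in g["alerts"]}) > 1]

def run_demo():
    alerts = sorted(normalise(SURICATA_EVE, "suricata") + normalise(WAZUH_ALERTS, "wazuh"), key=lambda a: a["ts"])
    start = parse_ts("2025-06-01T10:00:00.000000+0000")  # constructed attack start (e.g. scan launched)
    return detection_latency(start, "10.10.20.5", alerts), correlate(alerts)
```

In the lab this would be fed from Security Onion's exported EVE and Wazuh alert files (or the same events once forwarded to Splunk), with the attack start taken from the Kali-side command timestamp.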

Future Enhancements

  • Integration of XDR and SOAR for automated response
  • Application of AI techniques to enhance detection accuracy
  • Migration and scaling of the SOC lab using cloud platforms