Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/132147
Title: Implementación de SIRP Open Source
Author: Romero Cabello, Raúl
Tutor: Flores Terrón, Miguel Ángel
Others: Garcia-Font, Victor  
Abstract: The purpose of this work is to provide a SIRP platform built with open source software that is scalable and highly available, intended for pedagogical purposes in a simulation environment but which, equipped with the necessary hardware resources, can be deployed for incident management by any company or organization that needs to implement this type of solution as part of its ISMS. At the methodological level, the following steps have been followed: 1- Analyze the required functionalities and see what options are available. 2- Choose the components and design a solution based on the study carried out and the proposed scope. 3- Implement and integrate the different components/products that make up the solution. 4- Testing, findings and documenting possible improvements. 5- Complete the documentation and presentation on the work done. As a result, we have an operational SIRP platform that allows incidents to be managed from their detection to the response, with the corresponding documentation of possible incidents and closure; that allows information (IoCs) to be shared with third parties if necessary; and that uses external sources of intelligence to help security analysts in what can be the day-to-day work of any company or organization, all using current cloud technologies for its implementation and management.
Keywords: TheHive, Cortex and MISP; Wazuh; ELK
Document type: info:eu-repo/semantics/masterThesis
Issue Date: 1-Jun-2021
Publication license: http://creativecommons.org/licenses/by-nc-nd/3.0/es/  
Appears in Collections: Final degree projects, research projects, etc.

Files in This Item:
File: rromerocTFM0621memoria.pdf
Description: Master's thesis (TFM) report
Size: 4,47 MB
Format: Adobe PDF