Implementation of a free-software-based security operations center laboratory


Bibliographic Details
Main Author: Vergara Espinoza, Javier Emilio (author)
Other Authors: Magallanes Borbor, Jorge Antonio, Director (author)
Format: bachelorThesis
Published: 2025
Subjects:
Online Access:http://www.dspace.espol.edu.ec/handle/123456789/67325
Description
Summary: This project addresses the need to strengthen practical training in cybersecurity through the implementation of an academic Security Operations Center (SOC) laboratory at ESPOL. Its objective is to design and implement a local, controlled, scalable, and replicable environment that allows students and faculty to apply theoretical knowledge in realistic scenarios. The proposal is justified by the growing demand for professionals in information security and the lack of practical spaces in traditional curricula. For the development of the project, the ELK stack was selected as the technological base, along with Sysmon and Elastic Agent on a Windows server, all deployed in virtual machines. The Analytic Hierarchy Process (AHP) method was applied to select the best architecture among three alternatives, considering criteria such as learning curve, scalability, and ease of implementation. Subsequently, a prototype was evaluated with experts, the full deployment was carried out, and a practical workshop was conducted with students, including a simulated attack. The results showed a positive impact on technical learning, student motivation, and research interest. Most participants considered the environment useful and recommended its inclusion in other courses. It is concluded that the proposed laboratory meets its objectives and represents a viable and educational solution.

Keywords: SOC laboratory, cybersecurity education, ELK stack, practical training