- Goal: SOC Test tool
- Location: Amsterdam
- Timeframe: 2-6 months
- Complexity: Medium
- Team size: 1-3
- Category: Product Development
- Supervisor: Sander Maijers, PD group
Many organizations struggle with their SOC/SIEM security monitoring and detection systems. Initially, these systems generate a large number of alerts or none at all. After fine-tuning the use cases, the alerts become easier to manage, and the number of false positives decreases. However, it remains difficult to know whether the systems are seeing the events you want to know about.
When a security operations center (SOC) does not alert you to any security events, it could be that no security event is taking place. It could also mean that the SOC is malfunctioning or that certain attacks fall outside its detection capabilities. The Secura PurpleBox provides a test platform to continuously test and verify the functioning of the SOC, giving confidence that real events will not go unnoticed.
Within this internship, you help expand the Secura PurpleBox: a modular and secure test platform that can execute a number of simulated attacks, modeled after the MITRE ATT&CK Matrix for Enterprise.
You will work in a small team and have the ability to make a difference. We work with modern technologies and frameworks (Django and Python). Obviously, secure coding is an important part of the development design.