Blue Team Cyber Overview - sofwerx/mad-jack GitHub Wiki

The objectives for the Cyber lane are to monitor and defend information technology assets from adversary actions. All Internet traffic and Safehouse Access Point system files are downloaded and analyzed for suspicious activity. Watcher (alert) scripts report anomalies via a webhook notification that is indexed in Elasticsearch. These notifications are tied into the Safehouse 3D model and appear as color changes that inform the viewer that potentially malicious activity is occurring.