feat: Add sovereign tool stack and integrate ASTRAL/AOC across playbooks
New document: Sovereign Tool Stack — complete capability map for our open-source consulting arsenal. Documents updated: - sovereign-tool-stack.md (new): Maps Prowler, BloodHound, CISO Assistant, Purple Knight/Forest Druid, ASTRAL, and AOC to engagement modules and antifragile pillars. Identifies 6 gaps with recommended closes: Wazuh+Sysmon (EDR), Shuffle (SOAR), TheHive+Cortex (case management), Cartography (cloud asset mapping), Syft+Grype+Trivy (containers), Zeek+Suricata (network analysis). Includes per-module tool pairing, deployment complexity matrix, and integration architecture. - m365-e3-hardening.md: Added ASTRAL 'configuration immunity' section and AOC audit log integration references - endpoint-management-entry-vector.md: Added ASTRAL for Intune configuration backup and drift detection - modular-engagements.md: Added ASTRAL and AOC to Module 1/2/3 deliverables; linked sovereign tool stack - retained-capability.md: Added AOC and Wazuh to detection engineering description - ai-assisted-tvm.md: Added AOC and Prowler to discovery layer table - blue-purple-team-foundation.md: Added sovereign tool stack reference for open-source SOC architecture - zero-budget-hardening.md: Linked sovereign tool stack - README.md + index.md: Added sovereign-tool-stack.md to navigation
This commit is contained in:
@@ -264,3 +264,4 @@ The Zero-Budget Hardening Playbook maps directly onto the [Rapid Modernisation P
|
||||
|
||||
*Previous: [Rapid Modernisation Plan](rapid-modernisation-plan.md)*
|
||||
*Next: [Implementation Playbook](implementation-playbook.md)*
|
||||
*For the complete open-source tool arsenal and capability map, see [Sovereign Tool Stack](sovereign-tool-stack.md)*
|
||||
|
||||
Reference in New Issue
Block a user