Quick Start Guide

Prerequisites

Before installing the Veltrix Security Automation Platform, ensure you have the following prerequisites:

• System Requirements:
  • A Linux-based system (Ubuntu 20.04 LTS or later recommended)
  • Minimum 4 CPU cores
  • 8GB RAM
  • 50GB disk space
• Software Requirements:
  • Docker Engine (version 20.10 or later)
  • Docker Compose (version 2.0 or later)
  • Git
• Network Requirements:
  • Outbound internet access for downloading packages
  • Open ports 80 and 443 for web interface access
  • Open port 22 for SSH access (installation only)
• Access Requirements:
  • Administrative (sudo) access to the installation system
  • Access credentials for any security tools you plan to integrate

Installation

Follow these steps to install the Veltrix Security Automation Platform:

Step 1: Download the Installation Script

Open a terminal and run the following command to download the installation script:

curl -sSL https://install.veltrixsecops.com > install.sh
chmod +x install.sh

Step 2: Run the Installation Script

Execute the installation script with the following command:

sudo ./install.sh

The script will perform the following actions:

• Verify system requirements
• Install dependencies if necessary
• Create a dedicated service user
• Download and configure the Veltrix platform components
• Set up the initial database
• Configure the web server
• Start the services

Step 3: Verify the Installation

Once the installation is complete, verify that the services are running correctly:

sudo systemctl status veltrix

You should see output indicating that the service is active (running).

curl -sSL https://install.veltrixsecops.com/docker-compose.yml > docker-compose.yml
docker-compose up -d

Initial Setup

Step 1: Access the Web Interface

Open a web browser and navigate to the following URL:

https://your-server-ip

If you're accessing the platform on the same machine where it's installed, you can use:

https://localhost

Step 2: Create the Administrator Account

When you access the platform for the first time, you'll be prompted to create an administrator account. Fill in the following information:

• Full Name
• Email Address
• Password (must meet complexity requirements)
• Organization Name

Step 3: Configure System Settings

After creating the administrator account, you'll be guided through a basic configuration wizard. Configure the following settings:

• Email Notifications: Configure SMTP settings for email notifications
• License Information: Enter your license key if you have one, or continue with the evaluation license
• Security Settings: Configure authentication options, session timeouts, and other security parameters
• Storage Settings: Configure backup location and retention policy

Once you've completed the initial configuration, you'll be redirected to the main dashboard.

Connecting Your First Security Tool

The Veltrix Security Automation Platform is designed to integrate with your existing security tools. Let's connect your first tool to implement security orchestration and security configuration management:

Fig 1: Security Orchestration Integration Dashboard with Connected Tools

Step 1: Navigate to Integrations

From the main dashboard, click on Settings in the left navigation menu, then select Integrations.

Step 2: Select a Tool to Connect

Browse the available integrations or use the search function to find a specific tool. For this example, we'll connect to Splunk, a common SIEM solution:

1. Find and click on the Splunk integration card
2. Click Add Connection
3. Enter a name for this connection (e.g., "Production Splunk")
4. Enter the Splunk URL (e.g., https://splunk.example.com:8089)
5. Enter your Splunk API credentials
6. Click Test Connection to verify the connection works
7. Once verified, click Save Connection

Step 3: Configure Default Settings

After connecting the tool, you'll be prompted to configure default settings for this integration:

1. Configure which data sources to use
2. Set up default search parameters
3. Define alert mapping

These settings can be adjusted later as needed.

Creating Your First Security Automation Workflow

Now let's create a simple security orchestration workflow to automate a common security task:

Step 1: Navigate to Workflows

From the main dashboard, click on Automation in the left navigation menu, then select Workflows.

Step 2: Create a New Workflow

Click the Create Workflow button in the top-right corner of the page.

Step 3: Define the Workflow

For this example, we'll create a simple workflow that automatically enriches security alerts:

1. Enter a name for the workflow (e.g., "Alert Enrichment")
2. Enter a description (e.g., "Automatically enriches security alerts with additional context")
3. Set the trigger to "New Alert Created"
4. In the workflow designer, add the following actions:
   • IP Reputation Lookup
   • User Information Lookup
   • Asset Information Lookup
   • Update Alert with Enrichment Data
5. Connect the actions in sequence
6. Configure each action with the appropriate parameters
7. Set up conditional branching for different alert types if needed
8. Click Save Workflow

Step 4: Test the Workflow

Now let's test the workflow to ensure it works correctly:

1. Click Test Workflow in the top-right corner
2. Select a sample alert or create a test alert
3. Click Run Test
4. Review the workflow execution results
5. Make any necessary adjustments to the workflow configuration

Step 5: Activate the Workflow

Once you're satisfied with the testing results, activate the workflow:

1. Click Activate in the top-right corner
2. Confirm the activation

The workflow is now active and will automatically run whenever the specified trigger event occurs.

Next Steps

Now that you have successfully installed the Veltrix Security Automation Platform, connected your first tool, and created your first workflow, here are some recommended next steps: