Ground Rules

Ground Rules demonstrates a minimum viable security architecture for small to mid-sized operations looking to move from ad-hoc security practices (CS-CMM Level 2) to a documented, repeatable security posture (Level 3).

The project establishes a practical baseline: an overlay network connecting onsite edge compute nodes to a cloud-hosted service node, with all management traffic confined to the overlay. The service node never exposes administrative interfaces to the public internet — it handles secrets management, intrusion detection, and security dashboards exclusively over the private overlay.

Isolation — edge nodes and the service node communicate only over an authenticated overlay, reducing attack surface

Observability — Wazuh provides continuous visibility across all nodes from a single pane

Repeatability — the deployment can be documented, audited, and reproduced, which is the core requirement for CS-CMM Level 3