Blog / Engineering / Wazuh integration with Amazon Security Lake as a custom source
Amazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premise logs, and third-party SaaS applications....
Blog / Engineering / Kuiper ransomware detection and response with Wazuh
The Kuiper ransomware is a strain of ransomware written in Golang that encrypts data on various endpoints such as Windows, macOS, and Linux in exchange for money. It utilizes a...
Blog / Engineering / Deploying Wazuh agents using Windows Group Policy Objects (GPO)
In this case, we will learn how to deploy the Wazuh agent on a Windows Active Directory infrastructure using Group Policy Objects (GPO).
Blog / Engineering / Blackbit ransomware detection with Wazuh
Blackbit ransomware is a variant of the LokiLocker ransomware. It utilizes sophisticated techniques to encrypt and obstruct data recovery. The ransomware is built on the Ransomware-as-a-service (RaaS) model. RaaS is...
Blog / Engineering / CrossLock ransomware detection with Wazuh
CrossLock ransomware is a recent strain of ransomware developed using the Go programming language, making it harder to reverse engineer. The ransomware is capable of infecting several platforms, including Windows...
Blog / Engineering / Monitoring SFX archives with Wazuh
Our new blog post shows how to detect SFX archives exhibiting suspicious behavior with Wazuh.
Blog / Engineering / How to detect Active Directory attacks with Wazuh [Part 2 of 2]
In this blog post, we continue showing how Wazuh can detect some common Active Directory attacks using Windows security logs.
Blog / Engineering / How to detect Active Directory attacks with Wazuh [Part 1 of 2]
This blog shows how Wazuh can detect some common Active Directory attacks using Windows security logs and events captured on Sysmon.
Blog / Engineering / Detecting Lockbit 3.0 ransomware with Wazuh
Lockbit ransomware uses a broad range of techniques to target organizations worldwide. Check our new blog post to learn how to detect Lockbit 3.0 ransomware with Wazuh.