Integrating Wazuh with Shuffle
This blog post shows how to integrate Wazuh with Shuffle with the out-of-the-box integration introduced in Wazuh 4.4.
Blog search results for 'Awwal Ishiaku'
Showing 10 of 10 resultsAudit Kubernetes with Wazuh
It is essential to log and audit Kubernetes cluster events. Check our new blog post to learn how to audit Kubernetes events with Wazuh.
Detecting illegitimate crypto miners on Linux endpoints
Crypto miners are programs that utilize computer resources to mine cryptocurrency. Mining is the process that several cryptocurrencies use to generate new coins and verify new transactions. Crypto miners usually...
Detecting Follina (CVE-2022-30190) attack with Wazuh
A remote code execution vulnerability affecting Microsoft Windows Support Diagnostic Tool (MSDT) was observed to be exploited as early as May 2022. The vulnerability is dubbed Follina and has the...
Monitoring Windows task scheduler to detect attack persistence
The Windows task scheduler is a tool in the Windows operating system that launches programs and executes predefined scripts at scheduled times or after specified time intervals. While Windows Task...
Detecting Spring4Shell (CVE-2022-22965) with Wazuh
A remote code execution (RCE) vulnerability that affects the Spring Java framework has been discovered. The vulnerability is dubbed Spring4Shell or SpringShell by the security community. It has the designation...
Using Wazuh and TheHive for threat protection and incident response
Wazuh is a unified SIEM and XDR platform that you can use to protect your infrastructure. A SIEM is essential to security operations, and in many instances, Security Operations Centers...
Detecting PwnKit (CVE-2021-4034) with Wazuh
Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. In contrast to...
Analyzing ModSecurity events with Wazuh
In this blog post, we explain how to analyze ModSecurity events with Wazuh. Wazuh is a unified XDR and SIEM solution. It can be used to collect, analyze and correlate...
Detecting Log4Shell with Wazuh
Recently, a zero-day vulnerability dubbed Log4Shell with CVE-2021-44228 was detected in Apache’s Log4J 2 that allows malicious actors to launch RCE attacks. Learn how Wazuh can help with the monitoring...