Blog / Engineering / Detecting Living Off the Land attacks with Wazuh
Living Off the Land (LOTL) attacks are a cyber threat technique in which attackers leverage existing, legitimate tools and features within an environment to conduct malicious activities. This approach allows...
Blog / Engineering / Monitoring network devices with Wazuh
A network device is a hardware or software component that facilitates the transfer of data and information between nodes within a network. Common types of network devices include routers, switches,...
Blog / Releases / Introducing Wazuh 4.6.0
We are excited to announce the release of Wazuh 4.6.0, with new and enhanced capabilities, new use cases, and improved documentation. This marks a significant achievement for our project and...
Blog / Engineering / Monitoring remote OpenVPN connections with GeoIP and Wazuh XDR
The global pandemic in 2020 led more companies to adopt remote working tools, services, and collaboration solutions. But organizations that utilize remote work services expose themselves to a wider...
Blog / Engineering / Responding to network attacks with Suricata and Wazuh XDR
This blog post focuses on protecting an endpoint from network attacks using Suricata and the Wazuh active response module.
Blog / Engineering / Detecting Windows Screensaver persistence attack with Wazuh
A screensaver is an operating system feature that lets users display a message or graphic animation after a certain amount of idle time has elapsed. Threat actors are known to...