Blog / Engineering / Why does Wazuh need an Elasticsearch template?
On the Elasticsearch website, we can find the following description: Index templates allow you to define templates that will automatically be applied when new indices are created. The templates include...
Blog / Engineering / How to forward Android syslog to Wazuh
Every Android device has system logs just like any other operating system. Thanks to Wazuh, we can extract beneficial information from these logs by sending them to a Wazuh manager...
Blog / Engineering / Updating the ruleset automatically
The ruleset is one of the most important parts of OSSEC. Thanks to the ruleset, OSSEC is able to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits,...
Blog / Engineering / Blocking attacks with Active Response
Note: Wazuh v4.2.0 includes breaking changes in Active Response. Check out our documentation for updates on Blocking attacks with Active Response. In this post, we will discuss how to block...
Blog / Engineering / Using OSINT to create CDB lists and block malicious IPs
Today’s post is about using Open Source Intelligence, OSINT, and CDB lists. Let’s start with the latter. If you have been using Wazuh for a while, you, for instance, might...
Blog / Releases / Wazuh v2.1.0 released!
Today we are pleased to announce the release of Wazuh v2.1.0. We have added new features and fixed several bugs. You can find all the details in our release notes and changelog file. Additionally,...
Blog / Engineering / How to purge non-active agents
Note: Check Removing disconnected agents in the Wazuh documentation for version 4.3+. Wazuh agents move through all the stages of their life cycle, sometimes leaving the agents permanently disconnected (i.e., terminated instances)...
Blog / Engineering / Preventing and detecting ransomware with Wazuh
Actions to prevent and detect ransomware attacks are mandatory to keep your system safe. In this article you will learn how Wazuh can help detect ransomware attacks in progress using...
Blog / News / Wazuh Cloud Platform Achieves PCI DSS Compliance
The Wazuh Cloud platform has been validated as PCI DSS Level 1 Service Provider compliant. The Payment Card Industry Data Security Standard (PCI DSS) specifies best practices and security controls needed to keep credit...
Blog / Engineering / Detecting Metasploit attacks
We are going to attack a vulnerable server using Metasploit, and then we will see how to use Wazuh to detect several of its attacks. This framework is the most used penetration...
Blog / News / Wazuh and Mission First sign a key partnership agreement
...First General Manager. Alberto Gonzalez, COO of Wazuh, expressed “Partnering with Mission First underscores Wazuh’s commitment to delivering comprehensive cybersecurity solutions worldwide. Together, we leverage our expertise to fortify organizations...
Blog / News / Cloudfence and Wazuh sign a partnership agreement
...core nature aligns perfectly, it’s only natural for us to continue to grow together by signing a partnership agreement”, said Alberto Gonzalez, COO at Wazuh. To learn more about Cloudfence,...