Detecting Koske malware with Wazuh

/ Engineering

Koske malware is a new, trending malware that Aqua Nautilus first identified in July 2025. It is believed to be an AI-generated malware designed for cryptocurrency mining operations on Linux endpoints. The structure and characteristics of its code suggest that it may have been developed using large language models (LLMs) or automation frameworks. Koske is […]

Wazuh and Lumu Announce Partnership to Deliver Integrated Threat Intelligence

/ News

San Jose, California, September 2025 – Wazuh, the leading open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solution, announced a partnership with Lumu, a cybersecurity company that enables organizations to measure and understand compromise in real time through its Continuous Compromise Assessment model. This integration enhances Wazuh’s SIEM and XDR […]
Introducing Wazuh 4.13.0

/ Releases

We are pleased to announce the release of Wazuh 4.13.0, a version that enhances data visibility and strengthens platform resilience. Key highlights include the introduction of the IT Hygiene dashboard, which provides users with the ability to centrally view and query IT Hygiene data. In addition, a new hot reload feature enables decoders, rules, and […]

Network security monitoring with Wazuh and Zeek

/ Engineering

Network security focuses on ensuring the integrity, confidentiality, and availability of computer networks and data by preventing unauthorized access, misuse, or disruption. Continuous network monitoring provides visibility into network activity, enabling organizations to detect issues, optimize performance, and identify potential threats before they escalate into serious incidents. Wazuh is an open source SIEM/XDR platform that […]

Wazuh and SmarTech-IT Announce Partnership to Strengthen Cybersecurity for European Organizations

/ News

San Jose, California, August 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, today announced a partnership with SmarTech-IT, a cybersecurity solutions provider serving small and medium-sized businesses, healthcare organizations, and local governments across Europe. SmarTech-IT will integrate Wazuh as its core open-source […]

Detecting and responding to Apos malware with Wazuh

Apos, first identified in April 2024, has drawn significant attention in the security community due to its stealthy behavior and layered infection chain. Unlike opportunistic threats that indiscriminately target systems, Apos demonstrates a calculated focus on persistence and evasion. The malware often masquerades as legitimate software components, mimicking processes such as Chrome extension updates to […]

Integrating Admin By Request (ABR) with Wazuh

/ Engineering

Admin By Request (ABR) is a Privilege Access Management (PAM) tool designed for managing local administrator privileges. Granting permanent administrator rights can expose organizations to malware, privilege misuse, and compliance risks. Admin By Request addresses this by allowing users to request temporary, audited admin access when needed, eliminating the need for permanent local administrator rights. […]

Detecting defense evasion techniques with Wazuh

/ Engineering

Defense evasion techniques are methods that threat actors use to conceal their presence, bypass security mechanisms, and operate undetected on compromised systems. By evading detection, adversaries can maintain persistence and continue malicious activity even during active monitoring or security scans. Common defense evasion methods include disabling or uninstalling security tools, tampering with event logs, obfuscating […]

Wazuh and NETCB Partner to Advance Cybersecurity Across Southern Africa

/ News

San Jose, California, August 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announced a strategic partnership with NETCB, an ICT solutions provider specializing in cybersecurity, compliance, and digital infrastructure. NETCB will leverage Wazuh for security event monitoring and the development of security […]

Integrating ServiceNow with Wazuh

/ Engineering

ServiceNow is a cloud-based platform for IT Service Management (ITSM) that helps organizations manage digital workflows for enterprise operations. It provides a centralized system for handling incidents, changes, and requests, enabling process automation, visibility across departments, and structured response procedures. Integrating ServiceNow with Wazuh combines Wazuh threat detection and response capabilities with ServiceNow incident management. […]

Measuring Wazuh performance and operational efficiency

/ Engineering

Measuring performance and operational efficiency of your XDR/SIEM ensures that it runs reliably, scales effectively, and delivers timely security insights. Monitoring metrics like resource usage, connection times, and log processing helps identify bottlenecks, optimize configurations, and prevent downtime. It also ensures that threat detection and intelligence coverage remain consistent, even under high workloads. The Wazuh […]

Detecting LodaRAT malware with Wazuh

/ Engineering

LodaRAT is a remote access trojan (RAT) known for stealing sensitive data, executing commands, and maintaining persistence on infected systems. Commonly spread via phishing and malicious documents, it now uses advanced tactics like process injection, encrypted C2, and data exfiltration through legitimate services. Recently, a new variant of LodaRAT emerged that can steal saved passwords […]

Monitoring MariaDB server with Wazuh

/ Engineering

MariaDB is an open source database system that stores and manages structured data. It is often chosen for its reliability, speed, and compatibility with MySQL. Many websites, applications, and services use MariaDB to handle data securely and efficiently. Monitoring MariaDB provides real-time visibility into database activities, helping to detect suspicious behavior, prevent unauthorized access, and […]