Wazuh Partners with ActionLabs to Enhance Managed IT Services

Wazuh Partners with ActionLabs to Enhance Managed IT Services

Post icon
/ News
By

San Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]

Read more
Post icon
/ News

Wazuh Partners with ActionLabs to Enhance Managed IT Services

By

San Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]

Read more
Managing multiple Wazuh clusters with Cross-Cluster Search

Managing multiple Wazuh clusters with Cross-Cluster Search

Post icon
/ Engineering
By

Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]

Read more
Post icon
/ Engineering

Managing multiple Wazuh clusters with Cross-Cluster Search

By

Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]

Read more
Daolpu infostealer detection and response with Wazuh

Daolpu infostealer detection and response with Wazuh

Post icon
/ Engineering
By

Daolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]

Read more
Post icon
/ Engineering

Daolpu infostealer detection and response with Wazuh

By

Daolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]

Read more
Achieving CJIS compliance with Wazuh

Achieving CJIS compliance with Wazuh

Post icon
/ Engineering
By

The Criminal Justice Information Services (CJIS) security policy 2022, version 5.9.1, establishes the standards for safeguarding sensitive criminal justice information (CJI) in the United States. Issued by the FBI, this policy specifies the necessary security measures to maintain the confidentiality, integrity, and availability of CJI throughout its lifecycle. It imposes stringent controls on data access […]

Read more
Post icon
/ Engineering

Achieving CJIS compliance with Wazuh

By

The Criminal Justice Information Services (CJIS) security policy 2022, version 5.9.1, establishes the standards for safeguarding sensitive criminal justice information (CJI) in the United States. Issued by the FBI, this policy specifies the necessary security measures to maintain the confidentiality, integrity, and availability of CJI throughout its lifecycle. It imposes stringent controls on data access […]

Read more
How to configure Rsyslog client to send events to Wazuh

How to configure Rsyslog client to send events to Wazuh

Post icon
/ Engineering
By and

Learn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.

Read more
Post icon
/ Engineering

How to configure Rsyslog client to send events to Wazuh

By and

Learn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.

Read more
Exploring security alerting options for improved threat detection in Wazuh – Part 2

Exploring security alerting options for improved threat detection in Wazuh – Part 2

Post icon
/ Engineering
By

An improved security alerting system enhances data breach prevention, ensures compliance, and streamlines operations through timely detection and efficient alert management. In exploring security alerting options for improved threat detection in Wazuh – Part 1, we covered the basic configuration and the first two monitor types. Now, let’s explore the remaining monitor types for better […]

Read more
Post icon
/ Engineering

Exploring security alerting options for improved threat detection in Wazuh – Part 2

By

An improved security alerting system enhances data breach prevention, ensures compliance, and streamlines operations through timely detection and efficient alert management. In exploring security alerting options for improved threat detection in Wazuh – Part 1, we covered the basic configuration and the first two monitor types. Now, let’s explore the remaining monitor types for better […]

Read more
Integrating Imperva cloud web application firewall (CWAF) with Wazuh

Integrating Imperva cloud web application firewall (CWAF) with Wazuh

Post icon
/ Engineering
By

Imperva Cloud WAF is a web application security firewall that protects against security threats, including OWASP Top 10, such as cross-site scripting, illegal resource access, and remote file inclusion. Web applications are common targets for cybercriminals who aim to exploit vulnerabilities and gain unauthorized access. Wazuh is a free and open source SIEM and XDR […]

Read more
Post icon
/ Engineering

Integrating Imperva cloud web application firewall (CWAF) with Wazuh

By

Imperva Cloud WAF is a web application security firewall that protects against security threats, including OWASP Top 10, such as cross-site scripting, illegal resource access, and remote file inclusion. Web applications are common targets for cybercriminals who aim to exploit vulnerabilities and gain unauthorized access. Wazuh is a free and open source SIEM and XDR […]

Read more
Wazuh integration with Amazon Security Lake as a custom source

Wazuh integration with Amazon Security Lake as a custom source

Post icon
/ Engineering
By

Amazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premise logs, and third-party SaaS applications. Security administrators can use AWS services like Athena to query the security data, which gives them insight into potential threats and vulnerabilities across an organization’s […]

Read more
Post icon
/ Engineering

Wazuh integration with Amazon Security Lake as a custom source

By

Amazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premise logs, and third-party SaaS applications. Security administrators can use AWS services like Athena to query the security data, which gives them insight into potential threats and vulnerabilities across an organization’s […]

Read more
Wazuh Announces Partnership with ISS Technologies

Wazuh Announces Partnership with ISS Technologies

Post icon
/ News
By

San Jose, California, July 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces a strategic partnership with ISS Technologies, a leader in delivering comprehensive Cloud and Cyber Security solutions and support services. ISS Technologies has over two decades of expertise in Cloud, Security, […]

Read more
Post icon
/ News

Wazuh Announces Partnership with ISS Technologies

By

San Jose, California, July 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces a strategic partnership with ISS Technologies, a leader in delivering comprehensive Cloud and Cyber Security solutions and support services. ISS Technologies has over two decades of expertise in Cloud, Security, […]

Read more
CrowdStrike BSOD incident and how Wazuh avoids similar risks

CrowdStrike BSOD incident and how Wazuh avoids similar risks

Post icon
/ News
By

Recently, CrowdStrike, a prominent XDR (Extended Detection and Response) provider, encountered a significant technical issue that affected numerous organizations. This article examines the CrowdStrike incident and details how the architecture of Wazuh avoids similar risks. The CrowdStrike incident On July 18, 2024, a Blue Screen of Death (BSOD) issue associated with CrowdStrike’s Falcon sensor update […]

Read more
Post icon
/ News

CrowdStrike BSOD incident and how Wazuh avoids similar risks

By

Recently, CrowdStrike, a prominent XDR (Extended Detection and Response) provider, encountered a significant technical issue that affected numerous organizations. This article examines the CrowdStrike incident and details how the architecture of Wazuh avoids similar risks. The CrowdStrike incident On July 18, 2024, a Blue Screen of Death (BSOD) issue associated with CrowdStrike’s Falcon sensor update […]

Read more
Deploying Wazuh agents using ManageEngine

Deploying Wazuh agents using ManageEngine

Post icon
/ Engineering
By

Wazuh is an open source security platform that offers Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) capabilities to organizations. It provides security to IT infrastructure through real-time monitoring, threat detection, log analysis, vulnerability detection, and automated incident response. By collecting and analyzing security data from endpoints, Wazuh enables organizations to […]

Read more
Post icon
/ Engineering

Deploying Wazuh agents using ManageEngine

By

Wazuh is an open source security platform that offers Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) capabilities to organizations. It provides security to IT infrastructure through real-time monitoring, threat detection, log analysis, vulnerability detection, and automated incident response. By collecting and analyzing security data from endpoints, Wazuh enables organizations to […]

Read more
Exploring security alerting options for improved threat detection in Wazuh – Part 1

Exploring security alerting options for improved threat detection in Wazuh – Part 1

Post icon
/ Engineering
By

Security alerting enables organizations to promptly detect potential security incidents, allowing for rapid response and risk mitigation. Organizations can immediately prevent breaches, comply with regulatory requirements, and optimize operational efficiency by receiving timely alerts. Automated security alerting streamlines incident response processes, minimizing downtime and optimizing resource usage while demonstrating a commitment to proactive security measures. […]

Read more
Post icon
/ Engineering

Exploring security alerting options for improved threat detection in Wazuh – Part 1

By

Security alerting enables organizations to promptly detect potential security incidents, allowing for rapid response and risk mitigation. Organizations can immediately prevent breaches, comply with regulatory requirements, and optimize operational efficiency by receiving timely alerts. Automated security alerting streamlines incident response processes, minimizing downtime and optimizing resource usage while demonstrating a commitment to proactive security measures. […]

Read more
Monitoring Windows resources with Performance Counters

Monitoring Windows resources with Performance Counters

Post icon
/ Engineering
By and

Windows Performance Counter provides an in-depth and consistent interface for collecting different types of system data such as processor, memory, and disk usage statistics. Performance counters can be used to monitor system resources and performance. Windows performance counter data can be viewed in real time with the perfmon utility or alternatively, through the Powershell cmdlet […]

Read more
Post icon
/ Engineering

Monitoring Windows resources with Performance Counters

By and

Windows Performance Counter provides an in-depth and consistent interface for collecting different types of system data such as processor, memory, and disk usage statistics. Performance counters can be used to monitor system resources and performance. Windows performance counter data can be viewed in real time with the perfmon utility or alternatively, through the Powershell cmdlet […]

Read more
Keep up to date
with our digest of articles