Ensuring NIS2 compliance with Wazuh
Network and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion...
Network and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion...
San Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]
Read moreSan Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]
Read moreCross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]
Read moreCross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]
Read moreDaolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]
Read moreDaolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]
Read moreThe Criminal Justice Information Services (CJIS) security policy 2022, version 5.9.1, establishes the standards for safeguarding sensitive criminal justice information (CJI) in the United States. Issued by the FBI, this policy specifies the necessary security measures to maintain the confidentiality, integrity, and availability of CJI throughout its lifecycle. It imposes stringent controls on data access […]
Read moreThe Criminal Justice Information Services (CJIS) security policy 2022, version 5.9.1, establishes the standards for safeguarding sensitive criminal justice information (CJI) in the United States. Issued by the FBI, this policy specifies the necessary security measures to maintain the confidentiality, integrity, and availability of CJI throughout its lifecycle. It imposes stringent controls on data access […]
Read moreLearn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.
Read moreLearn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.
Read moreAn improved security alerting system enhances data breach prevention, ensures compliance, and streamlines operations through timely detection and efficient alert management. In exploring security alerting options for improved threat detection in Wazuh – Part 1, we covered the basic configuration and the first two monitor types. Now, let’s explore the remaining monitor types for better […]
Read moreAn improved security alerting system enhances data breach prevention, ensures compliance, and streamlines operations through timely detection and efficient alert management. In exploring security alerting options for improved threat detection in Wazuh – Part 1, we covered the basic configuration and the first two monitor types. Now, let’s explore the remaining monitor types for better […]
Read moreImperva Cloud WAF is a web application security firewall that protects against security threats, including OWASP Top 10, such as cross-site scripting, illegal resource access, and remote file inclusion. Web applications are common targets for cybercriminals who aim to exploit vulnerabilities and gain unauthorized access. Wazuh is a free and open source SIEM and XDR […]
Read moreImperva Cloud WAF is a web application security firewall that protects against security threats, including OWASP Top 10, such as cross-site scripting, illegal resource access, and remote file inclusion. Web applications are common targets for cybercriminals who aim to exploit vulnerabilities and gain unauthorized access. Wazuh is a free and open source SIEM and XDR […]
Read moreAmazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premise logs, and third-party SaaS applications. Security administrators can use AWS services like Athena to query the security data, which gives them insight into potential threats and vulnerabilities across an organization’s […]
Read moreAmazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premise logs, and third-party SaaS applications. Security administrators can use AWS services like Athena to query the security data, which gives them insight into potential threats and vulnerabilities across an organization’s […]
Read moreSan Jose, California, July 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces a strategic partnership with ISS Technologies, a leader in delivering comprehensive Cloud and Cyber Security solutions and support services. ISS Technologies has over two decades of expertise in Cloud, Security, […]
Read moreSan Jose, California, July 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces a strategic partnership with ISS Technologies, a leader in delivering comprehensive Cloud and Cyber Security solutions and support services. ISS Technologies has over two decades of expertise in Cloud, Security, […]
Read moreRecently, CrowdStrike, a prominent XDR (Extended Detection and Response) provider, encountered a significant technical issue that affected numerous organizations. This article examines the CrowdStrike incident and details how the architecture of Wazuh avoids similar risks. The CrowdStrike incident On July 18, 2024, a Blue Screen of Death (BSOD) issue associated with CrowdStrike’s Falcon sensor update […]
Read moreRecently, CrowdStrike, a prominent XDR (Extended Detection and Response) provider, encountered a significant technical issue that affected numerous organizations. This article examines the CrowdStrike incident and details how the architecture of Wazuh avoids similar risks. The CrowdStrike incident On July 18, 2024, a Blue Screen of Death (BSOD) issue associated with CrowdStrike’s Falcon sensor update […]
Read moreWazuh is an open source security platform that offers Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) capabilities to organizations. It provides security to IT infrastructure through real-time monitoring, threat detection, log analysis, vulnerability detection, and automated incident response. By collecting and analyzing security data from endpoints, Wazuh enables organizations to […]
Read moreWazuh is an open source security platform that offers Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) capabilities to organizations. It provides security to IT infrastructure through real-time monitoring, threat detection, log analysis, vulnerability detection, and automated incident response. By collecting and analyzing security data from endpoints, Wazuh enables organizations to […]
Read moreSecurity alerting enables organizations to promptly detect potential security incidents, allowing for rapid response and risk mitigation. Organizations can immediately prevent breaches, comply with regulatory requirements, and optimize operational efficiency by receiving timely alerts. Automated security alerting streamlines incident response processes, minimizing downtime and optimizing resource usage while demonstrating a commitment to proactive security measures. […]
Read moreSecurity alerting enables organizations to promptly detect potential security incidents, allowing for rapid response and risk mitigation. Organizations can immediately prevent breaches, comply with regulatory requirements, and optimize operational efficiency by receiving timely alerts. Automated security alerting streamlines incident response processes, minimizing downtime and optimizing resource usage while demonstrating a commitment to proactive security measures. […]
Read moreWindows Performance Counter provides an in-depth and consistent interface for collecting different types of system data such as processor, memory, and disk usage statistics. Performance counters can be used to monitor system resources and performance. Windows performance counter data can be viewed in real time with the perfmon utility or alternatively, through the Powershell cmdlet […]
Read moreWindows Performance Counter provides an in-depth and consistent interface for collecting different types of system data such as processor, memory, and disk usage statistics. Performance counters can be used to monitor system resources and performance. Windows performance counter data can be viewed in real time with the perfmon utility or alternatively, through the Powershell cmdlet […]
Read more