Monitoring AWS Managed Microsoft Active Directory with Wazuh

/ Engineering

AWS Managed Microsoft Active Directory (AD) is an AWS Directory Service that provides users, businesses, and organizations different options to use Microsoft Active Directory (AD) with other AWS services. AWS Managed Microsoft AD stores information about users, groups, and devices, and system administrators use this Directory Service to manage access to this information. AWS Managed […]

Integrating SentinelOne XDR with Wazuh

/ Engineering

SentinelOne XDR is designed to provide comprehensive protection against advanced threats and cyberattacks. By leveraging sophisticated behavioral analysis and threat intelligence, SentinelOne XDR delivers a robust defense mechanism to ensure a proactive and adaptive approach to cybersecurity. By integrating SentinelOne XDR with Wazuh, a unified XDR and SIEM platform, security analysts and administrators can benefit […]

Wazuh and DigiFors Unite to Strengthen Cybersecurity Offerings

/ News

San Jose, California, February 2024 – Wazuh, a global leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is proud to announce a strategic partnership with DigiFors GmbH, a highly specialized company renowned for its expertise in digital forensics and IT security. Key Highlights of the Partnership: Wazuh […]

Detecting AsyncRAT with Wazuh

/ Engineering

AsyncRAT is an open source remote access tool that is commonly used by threat actors for file exfiltration and remote desktop control. Threat actors use script injectors and phishing attachments to deliver AsyncRAT to victim endpoints across numerous campaigns. AsyncRAT has consistently ranked among the top 10 malware trends on Any.run for several months. BleepingComputer […]

Wazuh and Moda Experts Forge Strategic Alliance to Elevate Cybersecurity Solutions

/ News

San Jose, California, February 2024 – Wazuh, a global leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is delighted to announce a strategic partnership with Moda Experts, a distinguished provider of Cyber Security and IT Cost Containment Solutions for Small and Medium Businesses. Key Highlights of the […]

Monitoring USB drives in macOS using Wazuh

/ Engineering

USB drives are useful for transferring files on macOS systems, providing a quick and simple way to share documents, photos, and more between devices. They’re plug-and-play, allowing users to easily access and transfer data. However, it’s essential to be cautious about security. USB drives can carry malware, posing a risk to your macOS systems. Organizations […]

Wazuh and NetByte Forge Strategic Partnership to Enhance Cybersecurity Solutions

/ News

San Jose, California, January 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is excited to announce a strategic partnership with NetByte.AI, a pioneer in intelligent Secure SaaS Infrastructure Monitoring Solutions empowered by Artificial Intelligence (AI). This collaboration aims to deliver a holistic cybersecurity […]

Wazuh and PT MEDIA TELEKOMUNIKASI MANDIRI Forge Powerful Alliance in Strategic Cybersecurity Partnership

/ News

San Jose, California, January 2024 – Wazuh, a pioneer in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, proudly announces a strategic partnership with PT MEDIA TELEKOMUNIKASI MANDIRI. Renowned as a system integration company and ICT solution partner, PT MEDIA TELEKOMUNIKASI MANDIRI specializes in providing IT network infrastructure solutions […]

Enhancing data security with the Wazuh open source FIM

/ Engineering

File Integrity Monitoring (FIM) is an IT security process that validates the integrity of system files to ensure they have not been tampered with or modified. This security process provides IT teams with file-level intelligence on when files are accessed, who tampers with files, and what is changed in files. Implementing File Integrity Monitoring helps […]

Monitoring network devices with Wazuh

/ Engineering

A network device is a hardware or software component that facilitates the transfer of data and information between nodes within a network. Common types of network devices include routers, switches, hubs, modems, access points, and firewalls. Without adequate safeguards, network devices become vulnerable entry points for malicious actors to gain unauthorized access to systems, orchestrate […]

Meduza Stealer detection and mitigation with Wazuh

/ Engineering

Meduza Stealer is a malware that is designed solely for comprehensive data theft. It is a powerful stealer that targets Windows operating systems. It steals system information and a wide range of browser-related information. These include sensitive login credentials, browsing history, saved bookmarks, crypto wallet extensions, password managers, and 2FA (two-factor authentication) extensions. Once stolen […]

Detecting vulnerabilities in container images using Amazon ECR and Wazuh

/ Engineering

Amazon Elastic Container Registry (ECR) is an Amazon Web Services (AWS) managed container image registry service that stores, shares, and deploys container images. Amazon ECR provides an image scanning feature that uses the Common Vulnerabilities and Exposures (CVE) database from the open source Clair project to detect vulnerabilities in container images. AWS provides a template […]

Detecting keyloggers (T1056.001) on Linux endpoints

/ Engineering

Keyloggers are spyware that monitor and record user keystrokes on endpoints. Some variants relay the recorded data to an external party or attacker, enabling threat actors to exfiltrate user credentials or other sensitive information. This blog post focuses on detecting Indicators of Compromise (IoC) for keyloggers that utilize living-off-the-land (LOTL) techniques. LOTL is an attack […]
