Wazuh Announces Partnership with  iG2 Group Inc

Wazuh Announces Partnership with  iG2 Group Inc

Post icon
/ News
By

San Jose, California, October 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its partnership with iG2 Group Inc., a Canadian enterprise security provider specializing in Unified Intelligent Security Solutions. This collaboration is aimed at simplifying cybersecurity management and enhancing threat detection […]

Read more
Post icon
/ News

Wazuh Announces Partnership with  iG2 Group Inc

By

San Jose, California, October 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its partnership with iG2 Group Inc., a Canadian enterprise security provider specializing in Unified Intelligent Security Solutions. This collaboration is aimed at simplifying cybersecurity management and enhancing threat detection […]

Read more
Wazuh Announces Strategic Partnership with Wowrack

Wazuh Announces Strategic Partnership with Wowrack

Post icon
/ News
By

San Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with Wowrack, a global managed IT infrastructure provider with over two decades of expertise in cloud, data center, network, and security services. Since 2001, […]

Read more
Post icon
/ News

Wazuh Announces Strategic Partnership with Wowrack

By

San Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with Wowrack, a global managed IT infrastructure provider with over two decades of expertise in cloud, data center, network, and security services. Since 2001, […]

Read more
Detecting CUPS remote code execution vulnerability with Wazuh

Detecting CUPS remote code execution vulnerability with Wazuh

Post icon
/ Engineering
By and

CUPS (Common Unix Printing System) is a widely used printing system for Unix-like operating systems. It allows users to share printers over a network and provides a web-based interface for managing print jobs and configurations. However, in September 2024, several vulnerabilities were discovered in CUPS by Simone Margaritelli that could grant an attacker remote code […]

Read more
Post icon
/ Engineering

Detecting CUPS remote code execution vulnerability with Wazuh

By and

CUPS (Common Unix Printing System) is a widely used printing system for Unix-like operating systems. It allows users to share printers over a network and provides a web-based interface for managing print jobs and configurations. However, in September 2024, several vulnerabilities were discovered in CUPS by Simone Margaritelli that could grant an attacker remote code […]

Read more
How Wazuh detects and responds to Mint Stealer

How Wazuh detects and responds to Mint Stealer

Post icon
/ Engineering
By

Mint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]

Read more
Post icon
/ Engineering

How Wazuh detects and responds to Mint Stealer

By

Mint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]

Read more
Detecting PureHVNC malware with Wazuh

Detecting PureHVNC malware with Wazuh

Post icon
/ Engineering
By

PureHVNC is a Remote Access Trojan (RAT) that focuses specifically on the stealthy remote control of Windows endpoints. The HVNC in PureHVNC stands for “Hidden Virtual Network Computing.” This means attackers can manipulate an endpoint remotely without the user’s awareness.  PureHVNC malware is usually distributed through phishing campaigns that use urgent messaging to deceive victims […]

Read more
Post icon
/ Engineering

Detecting PureHVNC malware with Wazuh

By

PureHVNC is a Remote Access Trojan (RAT) that focuses specifically on the stealthy remote control of Windows endpoints. The HVNC in PureHVNC stands for “Hidden Virtual Network Computing.” This means attackers can manipulate an endpoint remotely without the user’s awareness.  PureHVNC malware is usually distributed through phishing campaigns that use urgent messaging to deceive victims […]

Read more
Scanning Docker infrastructure against CIS Benchmark with Wazuh

Scanning Docker infrastructure against CIS Benchmark with Wazuh

Post icon
/ Engineering
By

Docker has revolutionized the way to deploy applications, offering scalability, consistency, and efficiency. However, these benefits come with security challenges that must be addressed to protect your infrastructure. The Center for Internet Security (CIS) Docker Benchmark provides a comprehensive set of guidelines to secure Docker environments. This blog post shows how to automate the compliance […]

Read more
Post icon
/ Engineering

Scanning Docker infrastructure against CIS Benchmark with Wazuh

By

Docker has revolutionized the way to deploy applications, offering scalability, consistency, and efficiency. However, these benefits come with security challenges that must be addressed to protect your infrastructure. The Center for Internet Security (CIS) Docker Benchmark provides a comprehensive set of guidelines to secure Docker environments. This blog post shows how to automate the compliance […]

Read more
Introducing Wazuh 4.9.0

Introducing Wazuh 4.9.0

Post icon
/ Releases
By

We are excited to announce the release of Wazuh 4.9.0. This update introduced support for journald log collection, integration with AWS Security Hub and improved compatibility with OpenSearch 2.13.0. Additionally, there are improvements to WPK packages and enhancements to the Endpoint Summary section in the Wazuh dashboard. Key highlights Wazuh integration with AWS Security Hub […]

Read more
Post icon
/ Releases

Introducing Wazuh 4.9.0

By

We are excited to announce the release of Wazuh 4.9.0. This update introduced support for journald log collection, integration with AWS Security Hub and improved compatibility with OpenSearch 2.13.0. Additionally, there are improvements to WPK packages and enhancements to the Endpoint Summary section in the Wazuh dashboard. Key highlights Wazuh integration with AWS Security Hub […]

Read more
Ensuring NIS2 compliance with Wazuh

Ensuring NIS2 compliance with Wazuh

Post icon
/ Engineering
By

Network and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]

Read more
Post icon
/ Engineering

Ensuring NIS2 compliance with Wazuh

By

Network and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]

Read more
Wazuh Partners with ActionLabs to Enhance Managed IT Services

Wazuh Partners with ActionLabs to Enhance Managed IT Services

Post icon
/ News
By

San Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]

Read more
Post icon
/ News

Wazuh Partners with ActionLabs to Enhance Managed IT Services

By

San Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]

Read more
Managing multiple Wazuh clusters with Cross-Cluster Search

Managing multiple Wazuh clusters with Cross-Cluster Search

Post icon
/ Engineering
By

Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]

Read more
Post icon
/ Engineering

Managing multiple Wazuh clusters with Cross-Cluster Search

By

Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]

Read more
Daolpu infostealer detection and response with Wazuh

Daolpu infostealer detection and response with Wazuh

Post icon
/ Engineering
By

Daolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]

Read more
Post icon
/ Engineering

Daolpu infostealer detection and response with Wazuh

By

Daolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]

Read more
Achieving CJIS compliance with Wazuh

Achieving CJIS compliance with Wazuh

Post icon
/ Engineering
By

The Criminal Justice Information Services (CJIS) security policy 2022, version 5.9.1, establishes the standards for safeguarding sensitive criminal justice information (CJI) in the United States. Issued by the FBI, this policy specifies the necessary security measures to maintain the confidentiality, integrity, and availability of CJI throughout its lifecycle. It imposes stringent controls on data access […]

Read more
Post icon
/ Engineering

Achieving CJIS compliance with Wazuh

By

The Criminal Justice Information Services (CJIS) security policy 2022, version 5.9.1, establishes the standards for safeguarding sensitive criminal justice information (CJI) in the United States. Issued by the FBI, this policy specifies the necessary security measures to maintain the confidentiality, integrity, and availability of CJI throughout its lifecycle. It imposes stringent controls on data access […]

Read more
How to configure Rsyslog client to send events to Wazuh

How to configure Rsyslog client to send events to Wazuh

Post icon
/ Engineering
By and

Learn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.

Read more
Post icon
/ Engineering

How to configure Rsyslog client to send events to Wazuh

By and

Learn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.

Read more
Keep up to date
with our digest of articles