By Ifeanyi Onyia Odike

The global pandemic in 2020 gave rise to more companies adopting remote working tools, services, and collaboration solutions. But organizations that utilize remote work services...

By Anthony Faruna

This blog shows how Wazuh can detect some common Active Directory attacks using Windows security logs and events captured on Sysmon.

By Openime Oniagbi and Dario Menten

Our new blog post shows how Wazuh can detect generic and obfuscated hoaxshell payloads and other attacks that abuse PowerShell.

By Henadence Anyam

Installing a web shell on a web server is one way of achieving persistence. In our new blog post, we use Wazuh to detect web...

By Pacome Kemkeu

In this blog post, we use Wazuh to detect vulnerable versions of Apache Commons Text Library Text4Shell and monitor the endpoints.

By Benjamin Nworah

STRRAT is a Java-based remote access trojan (RAT) that provides threat actors with full remote control of infected Windows endpoints. STRRAT focuses on stealing credentials...

By Adedamola Okelola

Check our new blog post to learn how to analyze the Indicators of Compromise (IOCs) of Chaos malware and mitigate the infection using Wazuh.

By Awwal Ishiaku and Benjamin Nworah

It is essential to log and audit Kubernetes cluster events. Check our new blog post to learn how to audit Kubernetes events with Wazuh.

By Iseoluwa Titiloye Oyeniyi

OpenSSL is a popular open source cryptography library. Applications that secure communication over computer networks use OpenSSL to implement SSL (Secure Socket Layer) and TLS...

By Henadence Anyam

In this blog post, you can learn about Docker container security monitoring with Wazuh by monitoring Docker container events.

By Pacome Kemkeu

This blog post focuses on using Wazuh for an early stage detection of Raspberry Robin worms based on its observed behaviors and known IoCs.

By Ifeanyi Onyia Odike

This blog post focuses on protecting an endpoint from network attacks using Suricata and the Wazuh active response module.