Monitoring remote OpenVPN connections with GeoIP and Wazuh XDR

/ Engineering

The global pandemic in 2020 gave rise to more companies adopting remote working tools, services, and collaboration solutions. But organizations that utilize remote work services...

How to detect Active Directory attacks with Wazuh [Part 1 of 2]

/ Engineering

This blog shows how Wazuh can detect some common Active Directory attacks using Windows security logs and events captured on Sysmon.

Detecting hoaxshell with Wazuh

/ Engineering

Our new blog post shows how Wazuh can detect generic and obfuscated hoaxshell payloads and other attacks that abuse PowerShell.

Detecting Apache Text4Shell (CVE-2022-42889) with Wazuh

/ Engineering

In this blog post, we use Wazuh to detect vulnerable versions of Apache Commons Text Library Text4Shell and monitor the endpoints.

STRRAT detection with Wazuh

/ Engineering

STRRAT is a Java-based remote access trojan (RAT) that provides threat actors with full remote control of infected Windows endpoints. STRRAT focuses on stealing credentials...

OpenSSL 3.0 vulnerability audit using Wazuh

/ Engineering

OpenSSL is a popular open source cryptography library. Applications that secure communication over computer networks use OpenSSL to implement SSL (Secure Socket Layer) and TLS...

Docker container security monitoring with Wazuh

/ Engineering

In this blog post, you can learn about Docker container security monitoring with Wazuh by monitoring Docker container events.

Using Wazuh to detect Raspberry Robin worms

/ Engineering

This blog post focuses on using Wazuh for early-stage detection of Raspberry Robin worms based on their observed behaviors and known IoCs.

Responding to network attacks with Suricata and Wazuh XDR

/ Engineering

This blog post focuses on protecting an endpoint from network attacks using Suricata and the Wazuh active response module.
