I am happy to announce that Wazuh v2.0.1 has just been released! As many of you already know, we released Wazuh v2.0 back in April this year. It included the [...]
Wazuh is sponsoring the BSides Security Conference in Chicago, taking place on Saturday, July 15th, 2017. Come and say hello! It is a great opportunity to meet part of the [...]
Today's post is about using Open Source Intelligence, OSINT, and CDB lists.
In this article, we demonstrate the Wazuh app with a simple use case: getting information about a brute-force attack.
The goal of this article is to explain how to generate an alert when a USB storage device is connected to a Windows system that is being monitored by Wazuh.
Sysmon is a command-line tool that allows us to monitor and track processes running on our computers. Suspicious behaviors can be detected by Sysmon.
Wazuh has now integrated OpenSCAP into the brand-new v2.0 release. This release was presented on April 29th 2017 as part of the Linux Days conference in Graz, Austria.
Wazuh 2.0 includes the integration with OpenSCAP and Elastic Stack, as well as some improved core capabilities for infrastructure security monitoring.
In this post, we will discuss how to block an attack using the active response feature in OSSEC. Active response allows OSSEC to run commands on an agent in response to certain triggers.