Wazuh signs a partnership agreement with Actarvs
San Jose, California, March 2024 – Wazuh, a global leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response...
Amazon Elastic Container Registry (ECR) is an Amazon Web Services (AWS) managed container image registry service that stores, shares, and deploys container images. Amazon ECR provides an image scanning feature that uses the Common Vulnerabilities and Exposures (CVEs) database from the open source Clair project to detect vulnerabilities in container images. AWS provides a template […]
Keyloggers are spyware that monitor and record user keystrokes on endpoints. Some variants relay the recorded data to an external party or attacker, enabling threat actors to exfiltrate user credentials or other sensitive information. This blog post focuses on detecting Indicators of Compromise (IoC) for keyloggers that utilize living-off-the-land (LOTL) techniques. LOTL is an attack […]
San Jose, California, December 2023. Wazuh is pleased to announce a groundbreaking partnership with Teliko Solutions, a renowned cybersecurity firm specializing in advanced threat detection and response. The collaboration between Wazuh and Teliko Solutions aims to fortify organizations against evolving cyber threats by integrating Wazuh’s robust open-source security platform with Teliko Solutions’ cutting-edge threat detection […]
AWS Simple Notification Service (SNS) is a fully managed messaging service that enables sending notifications from the cloud. It supports publishing messages to various endpoints like AWS services, email, SMS, and HTTP/HTTPS webhooks. SNS facilitates application-to-application (A2A) and application-to-person (A2P) communication. This post explores using A2P to publish Wazuh security alerts to SNS topics. The […]
San Jose, California, August 2023. We are glad to announce that ScaryByte has signed a partnership agreement with Wazuh. ScaryByte was created in South Africa in 2020 by a group of passionate and expert cyber security researchers with over 10 years of experience in the field. Their mission is to help the global community prevent […]
Monitoring USB drives on a Linux endpoint is essential for maintaining the security and integrity of the system. USB drives can serve as a potential entry point for malware and unauthorized data access. By monitoring these drives, administrators can detect and prevent the introduction of malicious software or unauthorized data transfers. Additionally, monitoring USB drives […]
Configuration management is the process of maintaining computer systems, servers, network devices, and software in a desired and consistent state. Configuration management tools allow you to quickly and remotely control large numbers of different endpoints in an automated way from a centralized location. There are several popular configuration management tools. These include Ansible, Chef, Puppet, […]
Maltiverse is a threat intelligence platform that collects, analyses, and provides insights into malicious domains, IP addresses, and other digital artifacts commonly associated with cyber threats. It provides a wealth of information on known malicious entities and indicators of compromise (IOCs), making it a valuable resource for cybersecurity professionals. Extensive threat intelligence of Maltiverse complements […]
We are thrilled to announce the release of Wazuh 4.7.0. This release introduces a native Maltiverse integration and improvements to the Syscollector and Vulnerability Detector modules, among other updates. Below, you can explore some of the new features and improvements of our latest release. Key highlights Maltiverse integration Wazuh 4.7.0 now features native integration with […]
Conducting container vulnerability scans is an approach to protecting containers and the infrastructure that supports them. Containers provide isolated environments for applications, maintaining consistency across other platforms. Detecting and resolving security threats within containers through container vulnerability scanning is an essential proactive security practice. This is important given the dynamic nature of software and the […]
Blackbit ransomware is a variant of the LokiLocker ransomware. It utilizes sophisticated techniques to encrypt and obstruct data recovery. The ransomware is built on the Ransomware-as-a-service (RaaS) model. RaaS is a subscription-based business model where ransomware groups lease out their infrastructure to ransomware affiliates or cybercriminals to launch cyberattacks. The Blackbit ransomware uses .NET Reactor […]
In this blog post, we combine the capabilities of Cisco Secure Endpoint with the versatility of Wazuh, a unified XDR and SIEM platform. Cisco Secure Endpoint offers cloud-delivered endpoint detection and response. We forward logs from Cisco Secure Endpoint to Wazuh, enabling you to streamline the collection, analysis, and alerting of security logs. We begin […]
San Jose, California, October 2023. We are pleased to announce that Wazuh has signed a partnership agreement with Owlh, an open source project to visualize and manage Suricata, Zeek & Arkime life cycles. Owlh offers a scalable solution for network Intrusion Detection Systems (IDS) and seamlessly orchestrates the management of distributed IDS probes across diverse […]