The article explains how Wazuh, an open-source SIEM/XDR platform, helps financial institutions in Indonesia comply with Bank Indonesia and OJK cybersecurity regulations.
It details how Wazuh’s features—like log monitoring, threat detection, and compliance reports—align with regulatory requirements.
The guide is aimed at helping IT and InfoSec teams ensure cybersecurity compliance across financial services.

Technitium DNS Server is an open-source DNS tool for personal/local use that enhances privacy, security, and ad-blocking by supporting DNS-over-TLS/HTTPS and customizable filtering lists.

The article explains how Wazuh processes logs in three main stages: pre-decoding, decoding, and rule matching.
It details how logs are parsed and matched with decoders and rules to generate security alerts.
The post also introduces key Wazuh components involved in log analysis, setting up future deep dives.

The article explains how to deploy Wazuh using Docker Compose for easier setup, scalability, and configuration.
It walks through steps like cloning the Wazuh repo, generating certificates, and running the containers securely.
Using Docker streamlines updates, ensures isolation, and simplifies security monitoring in various environments.

ChatGPT Plus
The article provides a step-by-step guide to integrating Wazuh with Microsoft Entra ID using SAML for single sign-on.
It covers configuring the Entra ID application, setting SAML parameters, and mapping roles to Wazuh.
This integration enables secure, role-based access to the Wazuh Dashboard through Entra ID authentication.

The article introduces Wazuh as a cost-effective, open-source alternative to expensive SIEM solutions, removing log volume fees and vendor lock-in. It explains how to install the Wazuh stack, deploy agents, and enable key modules like detection, compliance, and analytics. It highlights Wazuh’s flexibility to create custom alert rules, dashboards, and active responses. The article concludes that Wazuh delivers enterprise-grade SIEM/XDR capabilities with no licensing costs, ideal for organizations seeking full control over their security.

The article explores Wazuh’s Remote Command Monitoring feature for enhancing endpoint visibility. It explains how to schedule and run commands on agents securely, collecting output for analysis and alerting. Use cases include monitoring system services, disk usage, and custom scripts via ossec.conf or agent.conf.

This article provides a comprehensive walkthrough for deploying Wazuh 4.12.0 on Ubuntu 22.04. It covers installation of central components—Wazuh Indexer, Server, and Dashboard—using the Wazuh installation assistant and configuration file. The guide also includes deploying Wazuh agents on Windows systems and viewing alerts through the Wazuh Dashboard. Additionally, it discusses alternative installation methods such as using ready-to-use machines, containers, or offline installations for air-gapped environments. The article is aimed at security professionals seeking to implement a robust, open-source SIEM solution.

This article provides a comprehensive guide on integrating Trend Micro Apex Central with Wazuh for enhanced endpoint threat detection. The integration involves configuring syslog forwarding in Apex Central to send security logs to the Wazuh server, ensuring proper communication over port 514. To effectively parse and analyze the incoming logs, custom decoders are created in Wazuh, enabling structured data extraction and facilitating meaningful correlation within the Wazuh dashboard.