Wazuh is a security platform that offers unified XDR (Extended Detection and Response) and SIEM (Security Information and Event Management) protection for endpoints and cloud workloads. It consists of a single universal agent and three main…
STRONTIUM is a Russian-based threat actor associated with the Russian General Staff Main Intelligence Directorate (GRU) and operates under the name Forest Blizzard. Forest Blizzard has also utilized a custom post-compromise tool named…
In an era where cyber threats are growing in sophistication, organizations need robust, scalable, and intelligent security solutions to protect their infrastructure. Wazuh, an open-source Extended Detection and Response (XDR) and Security…
In our previous discussions, we’ve covered the foundational aspects of Wazuh, including installation and troubleshooting common issues. Today, we’re excited to delve deeper into a powerful…
Implementing a security monitoring system can often be complicated and a huge time investment. With Wazuh, you get an open-source integration of host-based intrusion detection, log analysis, and vulnerability management all in a single…
In this post, I’ll continue our exploration of integrating Suricata with Wazuh 4.9 by applying the setup to a practical security use case. We’ll use DVWA (Damn Vulnerable Web Application) as our attack target and tmNIDS as a testing and monitoring…
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code…
DevSecOps, short for Development, Security, and Operations, is a methodology that integrates security practices into software Development Operations (DevOps). It emphasizes that security should be a shared responsibility across development…
In an era defined by increasingly sophisticated and frequent cyber threats, the ability of an organization to proactively monitor, detect, and respond to security incidents is paramount. A Security Operations Center (SOC) serves as the…