Blog / Engineering / Detecting and blocking Cacti remote code execution vulnerability (CVE-2022-46169) with Wazuh
Cacti is a web-based, open-source network monitoring and graphing tool that utilizes Round Robin Database Tool (RRDTool) to create an intuitive fault management framework. Cacti provides a holistic visualization...
Blog / Engineering / Conducting primary account number scan with Wazuh
Primary account number (PAN) is a unique identifier for payment card account numbers. It consists of a string of numbers ranging from 14 to 19 digits, used to identify the...
Blog / Engineering / Monitoring USB drives in Linux using Wazuh
Monitoring USB drives on a Linux endpoint is essential for maintaining the security and integrity of the system. USB drives can serve as a potential entry point for malware and...
Blog / Engineering / Integrating SentinelOne XDR with Wazuh
SentinelOne XDR is designed to provide comprehensive protection against advanced threats and cyberattacks. By leveraging sophisticated behavioral analysis and threat intelligence, SentinelOne XDR delivers a robust defense mechanism to ensure...
Blog / Engineering / Integrating Mimecast with Wazuh
Mimecast is an email security and management platform that protects emails against cyber threats such as malware, phishing, and spam. Email remains one of the most prevalent attack vectors for...
Blog / Engineering / Ransomware protection on Windows with Wazuh
Providing ransomware protection on our endpoints is important as these attacks have become one of the most prevalent and damaging cyber threats faced by organizations and individuals. These types of...
Blog / Engineering / Detecting PowerShell exploitation techniques in Windows using Wazuh
PowerShell is a tool widely used for managing Windows endpoints. Its versatility makes it a key resource for administrators, allowing them to control various system functions, automate workflows, and manage...