Blog / Engineering / RapperBot botnet detection and mitigation with Wazuh
A botnet is a network of compromised internet-connected devices, such as personal computers, servers, and Internet of Things (IoT) devices, that is used to orchestrate cyberattacks. In June 2022, an IoT malware family dubbed “RapperBot” that targets Linux platforms was discovered. This malware can brute-force credentials to gain access to password-protected […]
Blog / Engineering / Docker container security monitoring with Wazuh
This blog post covers Docker container security monitoring with Wazuh, using Docker container events as the data source.
Blog / Engineering / Web shell attack detection with Wazuh
Installing a web shell on a web server is one way an attacker achieves persistence. In this blog post, we use Wazuh to detect web shell attacks.
Blog / Engineering / Detecting common Linux persistence techniques with Wazuh
This blog post shows how to use Wazuh to detect several common Linux persistence techniques.
Blog / Engineering / Hunting for suspicious Windows LNK files with Wazuh XDR
In this blog post, we show how Wazuh detects suspicious and malicious LNK files on Windows endpoints.
Blog / Engineering / Building IoC files for threat intelligence with Wazuh XDR
This blog post shows how to leverage Wazuh XDR capabilities to identify and store IoCs detected in an organization’s infrastructure.
Blog / Engineering / Configuration management of Wazuh endpoints using Ansible
Configuration management is the process of keeping computer systems, servers, network devices, and software in a desired, consistent state. Configuration management tools let you control large numbers of heterogeneous endpoints quickly, remotely, and automatically from a central location. Several popular configuration management tools exist, including Ansible, Chef, Puppet, […]