Blog / Engineering / Why does Wazuh need an Elasticsearch template?

In this topic, we will see why Wazuh needs an Elasticsearch template and also you will learn key concepts and the benefits of using templates.

Blog / Engineering / How to forward Android syslog to Wazuh

Every Android device has its system logs just like any other operating system. This post will teach you how to send these logs to a Wazuh manager instance and how to add custom decoders and rules.

Blog / Engineering / Updating the ruleset automatically

We will learn how to updating the ruleset automatically. The ruleset is one of the most important parts of OSSEC and there are two ways to updating it.

Blog / Engineering / Blocking attacks with Active Response

In this post, we will discuss how to blocking attacks using the active response feature in OSSEC. In this example, we simulate an SSH Brute Force attack.

Blog / Engineering / Using OSINT to create CDB lists and block malicious IPs

Today's post is about using Open Source Intelligence, OSINT and CDB lists. We're going to block all IPs that Wazuh finds in our CDB lists

Blog / Releases / Wazuh v2.1.0 released!

Today we are pleased to announce the release of Wazuh v2.1.0. We have added new features and fixed several bugs. You can find all the details in our release notes and changelog file. Additionally, here is brief explanation of the new features: Agent anti flood protection Agents now include a mechanism to control event floods, avoiding outages, dropping events, […]

Blog / Engineering / How to purge non-active agents

Wazuh agents move through all the stages of their life cycle, sometimes leaving agents permanently disconnected. Learn how to purge these kinds of agents.

Blog / Engineering / Preventing and detecting ransomware with Wazuh

Learn how to use the file integrity monitoring module to prevent and detect ransomware. Keep your system safe with Wazuh.

Blog / News / Wazuh Cloud Platform Achieves PCI DSS Compliance

Wazuh Cloud platform has been validated as PCI DSS Level 1 Service Provider compliant. Our main priority at Wazuh is keeping our customers safe.

Blog / Engineering / Detecting Metasploit attacks

We are going to attack a vulnerable server using Metasploit and then we will see how to use Wazuh to detect various of its attacks. This framework is the most used penetration testing framework in the world. It contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade […]

Blog / News / Wazuh and Securious Limited Announce Partnership to Enhance Managed SOC and Threat Detection Services

San Jose, California, November 2024 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Securious Limited, a UK-based PCI QSA and cybersecurity compliance firm. This collaboration aims to strengthen Securious’ ability to deliver managed Security Operations Center (SOC) and advanced threat […]

Blog / News / Wazuh and Moda Experts Forge Strategic Alliance to Elevate Cybersecurity Solutions

San Jose, California, February 2024 – Wazuh, the global leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is delighted to announce a strategic partnership with Moda Experts, a distinguished provider of  Cyber Security and IT Cost Containment Solutions for Small and Medium Businesses. Key Highlights of the […]