Blog / Engineering / Integrating Bitdefender GravityZone with Wazuh
Organizations face increasingly sophisticated threats that require a proactive and multi-layered defense strategy. Organizations often leverage multiple security solutions to improve their security posture. Centralized visibility for organizations that use multiple security solutions is essential for operational efficiency. Wazuh, an open source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) platform […]
Blog / Engineering / Detecting data exfiltration using Living Off the Land tools with Wazuh
Detecting data exfiltration is an important aspect of maintaining cybersecurity, especially when attackers leverage native system tools to evade detection. This technique, known as Living Off the Land (LOTL), involves the misuse of legitimate utilities in the operating system, making malicious activities blend with normal operations. Advanced Persistent Threat (APT) groups commonly use LOTL techniques, […]
Blog / Engineering / Detecting XWorm malware with Wazuh
XWorm is a .NET-based Remote Access Trojan (RAT) that initially emerged in early 2022 and resurfaced in 2025 with enhanced capabilities and renewed activity in targeted cyberattacks. Designed to compromise Windows endpoints, XWorm is widely adopted by threat actors due to its modular design and low detection rates when obfuscated, making it a persistent threat […]