Before, we jump to our topic let’s recall what wazuh is? It’s a popular open source security monitoring platfrom . It’s HIDS aka host based intrusion Detection system. HIDs a Host-based Intrusion Detection System monitors and analyzes the internals of a computing system rather than the network packets on its external interfaces. It focuses on detecting unauthorized access and malicious activities on individual hosts or devices. Wazuh has shifted to opensearch from elasticsearch since ve...| hugs4bugs
If you’re a security professional,it might a chance you would be familier with SIEM aka Security Information Event Management used by SOC analyst or security engineers. In this homelab cybersecurity series I’m guiding you through step by step Wazuh as single node deployment using docker in Kali Machine. Before that let’s understand Wazuh and It’s Architecture :- Wazuh Wazuh is open source security platform with unified XDR(Xtended Detection and Response) and SIEM platform which protec...| hugs4bugs
MTTD (Mean Time To Detect) and MTTR (Mean Time To Response/Remediate) are the two crucial factor in Defensive side of hashtag#cybersecurity Major challenge for Blue team is resource burnout and manual investigation on repetitive task which increase average MTTR . Let’s understand use case to orchestrate security flow use Case :- Automate Multiple login failure alerts response Workflow link :- Here we’ll use SOAR (Security Orchestration Autoamtion and Response) to automate Multiple login f...| hugs4bugs
BYODC or bring your own domain controller is a post-exploitation technique and another option for performing a DCSync in a more opsec safe manner.| ZephrSec - Adventures In Information Security
This post will walk through various services within the Azure catalogue and look at potential attack paths.| ZephrSec - Adventures In Information Security