Igor_sec's Blog
Hello! Welcome to my blog where I post write-ups for CTF challenges.

Introduction In my previous posts, I demonstrated the capabilities of Wazuh for monitoring and protecting an Ubuntu endpoint, including detecting malware, analyzing system calls, assessing configurations, and more. This time, I will be replicating some of those use cases and proofs of concept on a Windows endpoint. In this post, I'll walk through practical examples of using…

Introduction In my last post, I walked through practical examples of Wazuh capabilities, including monitoring Docker events, NIDS integration, and malware detection using YARA and the VirusTotal integration. Now I'll explore additional key features of the Wazuh agent, including monitoring system calls, Security Configuration Assessment, taking active response, maintaining a system inventory, and leveraging osquery. System…

Welcome to part 2 of my journey in exploring Wazuh to gain a semblance of real-life experience in using an enterprise-grade security monitoring platform. In the first part, I gave a brief introduction to Wazuh, its components and its capabilities as an open source security monitoring platform that provides threat detection, integrity monitoring, incident response…