| by Arround The Web

Wazuh: Free and Open-Source XDR and SIEM

Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings.
The post Wazuh: Free and Open-Source XDR and SIEM appeared first on Linux Today.

| by Arround The Web

Wazuh Vulnerability Detection

Wazuh is able to detect vulnerabilities through the integration of vulnerability feeds indexed by Canonical, Debian, Red Hat, and the National Vulnerability Database. Learn more here.
The post Wazuh Vulnerability Detection appeared first on Linux Today.

| by Arround The Web

Detecting Log4Shell with Wazuh

Recently, a zero-day vulnerability dubbed Log4Shell (CVE-2021-44228) was detected in Apache’s Log4j 2. It allows malicious actors to launch Remote Code Execution (RCE) attacks, which means that an assailant can remotely send commands to a server running vulnerable applications. The key to combating the current wave of attacks is early detection of the vulnerability […]

The post Detecting Log4Shell with Wazuh appeared first on Linux Today.

| by Arround The Web

Wazuh Blocking Attacks with Active Response

Active response allows Wazuh to run commands on an agent in response to certain triggers. In this use case, we simulate an SSH Brute Force attack and configure an active response to block the IP of the attacker.
The post Wazuh Blocking Attacks with Act…
