Dec 23, 2025 · 3 min read · This lab was designed to simulate a real credential-based attack and observe how a host-based SIEM behaves during high-volume abuse. Instead of focusing on dashboards, I treated this like an actual SOC incident: attack happens first, investigation co...
Nov 11, 2025 · 9 min read · Babatunde Qodri, an aspiring SOC Analyst, showcases in this project how YARA — a powerful open-source malware pattern-matching tool — can be seamlessly integrated with Wazuh SIEM to detect and respond to malicious activities in real time. This hands...
Oct 5, 2025 · 28 min read · Introduction A while ago I wrote about Wazuh and received many questions. I am going to go a bit further, and we are going to monitor a Fortigate device to get real-time alerts and act accordingly. The truth is that this SIEM offers us a great...
Jul 6, 2025 · 3 min read · In this article, we will deploy an Extended Detection and Response (XDR) tool on the home lab infrastructure. We will deploy Wazuh in the Servers VLAN. Wazuh is an open-source security monitoring platform that provides extended detection and response...
Jul 1, 2025 · 36 min read · Introduction This comprehensive guide will walk you through every single step of integrating Wazuh SIEM with Slack and Gmail notifications. We'll cover everything from creating accounts to troubleshooting, with detailed screenshot descriptions and e...
Sep 9, 2024 · 4 min read · Prerequisites Wazuh installation Wazuh agent deployment Virus Total integration (optional) After installing the Wazuh agent on the endpoints, the next step is to configure detection rules. There are several of them...
Aug 29, 2024 · 7 min read · Wazuh is an open-source platform that offers ways to detect threats, respond to incidents, monitor file integrity, and provide visibility across the entire infrastructure. Wazuh is essentially a SIEM, a...
Jul 24, 2024 · 1 min read · Server Wazuh Dashboard via docker behind NGINX Proxy Manager Set up a docker network. Change the subnet to whatever you want. docker network create \ --driver=bridge \ --subnet=10.0.1.0/24 \ --gateway=10.0.1.1 \ wazuh_npm Clone and e...