MalwareLab on Nostr: Yeah, Wazuh is a great tool, it provides good visibility into your infrastructure. ...
Yeah, Wazuh is a great tool, it provides good visibility into your infrastructure. #Velociraptor is another example, but more useful for incident response and threat hunting in larger networks.
On top of that, network monitoring with an IDS such as #suricata + ET Open signatures is a useful addition, especially for detecting threats and anomalies originating from devices without Wazuh installed. Analyzing traffic from IoT, guest laptops and smartphones and identifying all devices connected to the network is often a very educative exercise.
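An added example, not part of the original post: one way to surface the devices the post is talking about is to read Suricata's EVE JSON alerts and keep only LAN hosts that have no Wazuh agent. The agent IP set, the LAN range, and the sample events (including the signature names) are constructed assumptions for illustration.

```python
import ipaddress
import json
from collections import defaultdict

# Assumptions for this example: IPs of hosts with a Wazuh agent, and the LAN range.
WAZUH_AGENT_IPS = {"192.168.1.10", "192.168.1.11"}
LOCAL_NET = ipaddress.ip_network("192.168.1.0/24")

# Constructed sample in Suricata EVE JSON format (one event per line, as in eve.json).
SAMPLE_EVE = [
    '{"event_type":"alert","src_ip":"192.168.1.50","dest_ip":"203.0.113.7","alert":{"signature":"EXAMPLE constructed signature A","severity":1}}',
    '{"event_type":"alert","src_ip":"192.168.1.50","dest_ip":"203.0.113.8","alert":{"signature":"EXAMPLE constructed signature B","severity":2}}',
    '{"event_type":"alert","src_ip":"192.168.1.10","dest_ip":"198.51.100.9","alert":{"signature":"EXAMPLE constructed signature A","severity":1}}',
    '{"event_type":"alert","src_ip":"198.51.100.20","dest_ip":"192.168.1.77","alert":{"signature":"EXAMPLE constructed signature C","severity":3}}',
    '{"event_type":"dns","src_ip":"192.168.1.60","dest_ip":"192.168.1.1"}',
    '{"event_type":"alert","src_ip":"192.168.1.5',  # truncated line, as seen when tailing a live log
]


def unmanaged_alert_sources(eve_lines, agent_ips=WAZUH_AGENT_IPS, local_net=LOCAL_NET):
    """Map each LAN host without an agent to the alert signatures it appeared in."""
    hits = defaultdict(set)
    for line in eve_lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip partial or corrupt lines instead of aborting the run
        if not isinstance(event, dict) or event.get("event_type") != "alert":
            continue  # flow, dns, tls and other record types are not alerts
        signature = event.get("alert", {}).get("signature", "unknown")
        for field in ("src_ip", "dest_ip"):  # the LAN host can be on either side
            ip = event.get(field)
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                continue  # missing or malformed address field
            if addr in local_net and ip not in agent_ips:
                hits[ip].add(signature)
    return {ip: sorted(sigs) for ip, sigs in hits.items()}


if __name__ == "__main__":
    for ip, sigs in sorted(unmanaged_alert_sources(SAMPLE_EVE).items()):
        print(f"{ip} (no Wazuh agent): {', '.join(sigs)}")
```

In practice the agent IP set would come from your own Wazuh inventory export and the lines from the sensor's `eve.json`.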