- Introduction to Wazuh
- HIDS, OSSEC and Wazuh
- Components of Wazuh
- Architecture of Wazuh
- Deployment Methods
- Wazuh Features
- Wazuh Demo
- Wazuh Integration
- Ubuntu Endpoint Agent Enrollment
- Windows Endpoint Agent Enrollment
- Wazuh Ruleset & Decoders
- Hands on lab 1: File Integrity Monitoring
- Hands on lab 2: Network Detection using Suricata IDS
- Hands on lab 3: Detecting Vulnerabilities
- Hands on lab 4: Detecting Execution of Malicious Commands
- Hands on lab 5: Detecting and Blocking Brute Force Attacks
- Hands on lab 6: Detecting Malicious Files using VirusTotal
OSSEC is an open source Host-based Intrusion Detection System (HIDS) security platform. It was created by Daniel Cid in 2004; in 2015 the Wazuh platform was created as a fork of OSSEC.
Host-Based Intrusion Detection System: software that installs directly on endpoints or servers. Its purpose is basically to identify
- ClamAV
- Kaspersky Antivirus
- McAfee
- Sophos
- Symantec Endpoint Protection
- Endpoint Detection and Response (EDR)
- Security Orchestration, Automation, and Response (SOAR)
- Incident Response
- Threat Response
- Intrusion Detection system (IDS)
- Intrusion Prevention system (IPS)
- Vulnerability Management
- Log Management and SIEM
- Cloud Security
- Compliance and Auditing
- CrowdStrike Falcon
- Carbon Black
- CylancePROTECT
- SentinelOne
- Microsoft Defender for Endpoint
- Shuffle SOAR
- Cortex XSOAR
- Siemplify
- Swimlane
- TheHive
- MISP (Malware Information Sharing Platform)
- IR Flow
- IBM Resilient
- Splunk Phantom
- VirusTotal
- AlienVault OTX
- IBM X-Force Exchange
- Recorded Future
- ThreatConnect
- Suricata
- Snort
- Zeek (formerly Bro)
- Graylog
- Grafana
- Elastic Stack
- AWS CloudTrail
- Azure Security Center
- Google Cloud Security Command Center
- Cloudflare