Wazuh! It works! Not only does it work, but it’s awesome. We’re also covering detection as part of a security program. You can’t have good security without detection. We’re also throwing in a bit of VMware management. Can’t manage labs in VMware without some management know how.

LINKS

1. Wazuh · The Open Source Security Platform

2. Lab Instructions - Emulation of ATT&CK techniques and detection with Wazuh

3. Sysmon config from SwiftOnSecurity

4. Wazuh Server Rules

5. Video: Installing The EDR Solution Wazuh

FIND US ON

1. Twitter - DamienHull

2. YouTube