Time for more Wazuh and Sysmon. This time we’re adding Atomic Red Team for testing. This is starting to look really good. Unfortunately we’re missing something.
LINKS
1. Wazuh · The Open Source Security Platform
2. Lab Instructions - Emulation of ATT&CK techniques and detection with Wazuh
3. Sysmon config from SwiftOnSecurity
4. Wazuh Server Rules
5. Video: 163. Use Sysinternals Sysmon with Wazuh: The Swiss Army Knife for Windows Monitoring
FIND US ON
1. Twitter - DamienHull
2. YouTube