보안

wazuh

[Training for Security Experts] Master how to build and operate an optimized threat hunting system by combining Wazuh and the ELK stack. Upgrade your security skills with strategies and hands-on exercises that can be applied directly in the field!


zeromini

입문

초급

중급이상

security

리눅스

Linux

Microsoft Windows

ossec

[Security] Building and Operating a Threat Hunting System Using Wazuh+ELK (SIEM) (Basic)

Hello, this is ZerominiPlease refer to the blog below to effectively perform threat hunting using the basic rules provided by Wazuh + Chainsaw + SigmaRule, and check the results in ELK through Wazuh Agent.<a target="_blank" rel="noopener noreferrer nofollow" href="https://socfortress.medium.com/wazuh-and-chainsaw-integration-for-near-real-time-sigma-detection-6f3e729e892">https://socfortress.medium.com/wazuh-and-chainsaw-integration-for-near-real-time-sigma-detection-6f3e729e892</a>

Windows threat hunting is possible by linking Chainsaw + Sigma Rule + Wazuh.