BTL1 Prep: Boss of the SOC v1 on Proxmox
In this post, I walk you through the steps of running the Boss of the SOC v1 challenge from CyberDefenders on Proxmox.
Defensive cybersecurity, blue teaming
In this post, I show you how to configure the Unattended Upgrades service on Debian-based distributions.
In this post, I walk you through the steps of running an OpenCTI server to aggregate threat intelligence into a single interface.
In this post, I show you how to configure and monitor File Integrity Monitoring (FIM) in Wazuh.
Recently, the folks at Chainguard open-sourced some Osquery threat hunting queries, so I wrote a script to convert the queries to YAML docs for import into FleetDM.
In this post, I demonstrate how to install and configure RITA on a NIDS node running Zeek and ingest the RITA output with Wazuh command logging.
In this post, I elaborate on the Log All JSON option in the Wazuh Manager's configuration and how that can add more context beyond just alerts.
In this post, I show how to manage your Wazuh Indexer indices in order to improve performance and manage disk space consumed by indices.
In this post, I explore the OwlH integration with Wazuh and the convenience of the centralized NIDS configuration management it offers.