Attacks on Linux systems have been common for decades, but how often are Linux logs actually collected and processed to improve detection?

This blog highlights how an open source platform can be leveraged to detect simple to sophisticated attacks with a set of rules and configurations on the endpoint.
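As an added illustration of the kind of Linux log processing the post refers to (example code written for this page, not code from the original post or from the Wazuh or ELK projects), the script below parses constructed sshd lines in the classic /var/log/auth.log syslog format and applies two endpoint rules: a burst of failed logins from one source IP inside a time window, and a successful login from that same IP shortly after such a burst. The sample lines, the rule names and the thresholds are assumptions chosen for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in /var/log/auth.log (syslog) format; not real data.
# 203.0.113.7 fails five times in seven seconds and then succeeds as root.
# 198.51.100.5 is a normal user who mistypes once and then logs in with a key.
SAMPLE_AUTH_LOG = """\
Mar  3 10:15:01 web01 sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Mar  3 10:15:03 web01 sshd[2103]: Failed password for root from 203.0.113.7 port 40130 ssh2
Mar  3 10:15:04 web01 sshd[2105]: Failed password for root from 203.0.113.7 port 40131 ssh2
Mar  3 10:15:06 web01 sshd[2107]: Failed password for invalid user oracle from 203.0.113.7 port 40140 ssh2
Mar  3 10:15:08 web01 sshd[2109]: Failed password for root from 203.0.113.7 port 40142 ssh2
Mar  3 10:15:20 web01 sshd[2111]: Accepted password for root from 203.0.113.7 port 40150 ssh2
Mar  3 10:20:00 web01 sshd[2200]: Failed password for alice from 198.51.100.5 port 51000 ssh2
Mar  3 10:20:30 web01 sshd[2202]: Accepted publickey for alice from 198.51.100.5 port 51002 ssh2
"""

# sshd authentication lines: "Failed|Accepted <method> for [invalid user ]<user> from <ip> port <n>".
SSHD_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_events(text):
    """Yield one dict per sshd auth line; other lines (cron, sudo, ...) are skipped."""
    for line in text.splitlines():
        m = SSHD_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        # Syslog timestamps carry no year; only relative ordering is used here,
        # so the default year strptime fills in is acceptable for this example.
        ev["ts"] = datetime.strptime(ev["ts"], "%b %d %H:%M:%S")
        yield ev


def detect(text, threshold=5, window=60, success_window=300):
    """Return alerts for failed-login bursts and for a success following a burst.

    threshold       failures from one IP inside `window` seconds that trigger a burst alert
    success_window  seconds after a burst during which an Accepted login escalates
    (all three are assumed, illustrative values)
    """
    failures = defaultdict(list)   # ip -> timestamps of recent failures (sliding window)
    last_burst = {}                # ip -> timestamp of the last burst alert
    alerts = []
    for ev in parse_events(text):
        ip, ts = ev["ip"], ev["ts"]
        if ev["outcome"] == "Failed":
            q = failures[ip]
            q.append(ts)
            # Evict failures that fell out of the window.
            while q and (ts - q[0]).total_seconds() > window:
                q.pop(0)
            if len(q) >= threshold:
                alerts.append({"rule": "ssh_bruteforce", "ip": ip, "count": len(q), "ts": ts})
                last_burst[ip] = ts
                q.clear()  # reset so one burst yields one alert, not one per extra failure
        else:
            burst_ts = last_burst.get(ip)
            if burst_ts is not None and 0 <= (ts - burst_ts).total_seconds() <= success_window:
                alerts.append({"rule": "ssh_bruteforce_success", "ip": ip,
                               "user": ev["user"], "method": ev["method"], "ts": ts})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_AUTH_LOG):
        print(alert)
```

The second rule is the one worth tuning on a real endpoint: a burst alone is background noise on any internet-facing host, while a burst followed by an accepted login from the same address is the event a hunter wants surfaced first.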

How interesting it…

With Sysmon configured on endpoints, an ELK + Wazuh stack greatly facilitates threat hunting operations.

Catch me if you can :)

We know that the threat landscape is expanding exponentially day by day and perpetrators are employing sophisticated techniques to always fly under the radar. So, it is highly important for SOC teams to accelerate the…

Abhijith Rao

Incident Handler, Security Operations
