Wazuh, Sysmon and Atomic Red Team - 239


Time for more Wazuh and Sysmon. This time we’re adding Atomic Red Team for testing. This is starting to look really good. Unfortunately we’re missing something.

LINKS

  1. Wazuh · The Open Source Security Platform
  2. Lab Instructions - Emulation of ATT&CK techniques and detection with Wazuh
  3. Sysmon config from SwiftOnSecurity
  4. Wazuh Server Rules
  5. Video: 163. Use Sysinternals Sysmon with Wazuh: The Swiss Army Knife for Windows Monitoring

Damien Hull