Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Security Monitoring with Wazuh
  • Table Of Contents Toc
  • Feedback & Rating feedback
Security Monitoring with Wazuh

Security Monitoring with Wazuh

By : Rajneesh Gupta
3.9 (7)
Buy this Book
close
close
Security Monitoring with Wazuh

Security Monitoring with Wazuh

3.9 (7)
By: Rajneesh Gupta
Buy this Book

Overview of this book

Explore the holistic solution that Wazuh offers to improve your organization’s cybersecurity posture with this insightful guide. Security Monitoring with Wazuh is a comprehensive resource, covering use cases, tool integration, and compliance monitoring to equip you with the skills you need to build an enterprise-level defense system. The book begins by setting up an Intrusion Detection System (IDS), integrating the open-source tool Suricata with the Wazuh platform, and then explores topics such as network and host-based intrusion detection, monitoring for known vulnerabilities, exploits, and detecting anomalous behavior. As you progress, you’ll learn how to leverage Wazuh’s capabilities to set up Security Orchestration, Automation, and Response (SOAR). The chapters will lead you through the process of implementing security monitoring practices aligned with industry standards and regulations. You’ll also master monitoring and enforcing compliance with frameworks such as PCI DSS, GDPR, and MITRE ATT&CK, ensuring that your organization maintains a strong security posture while adhering to legal and regulatory requirements. By the end of this book, you’ll be proficient in harnessing the power of Wazuh and have a deeper understanding of effective security monitoring strategies.
Table of Contents (15 chapters)
close
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1:Threat Detection
Part 1:Threat Detection
Free Chapter
2
Chapter 1: Intrusion Detection System (IDS) Using Wazuh
Chapter 1: Intrusion Detection System (IDS) Using Wazuh
What is an IDS?
What is Suricata?
Getting started with Wazuh and Suricata
Understanding Suricata rules
Testing web-based attacks using DVWA
Testing NIDS with tmNIDS
Summary
3
Chapter 2: Malware Detection Using Wazuh
Chapter 2: Malware Detection Using Wazuh
Types of malware
Wazuh capabilities for malware detection
Malware detection using FIM
The CDB list
VirusTotal integration
Integrating Windows Defender logs
Integrating Sysmon to detect fileless malware
Summary
4
Part 2: Threat Intelligence, Automation, Incident Response, and Threat Hunting
Part 2: Threat Intelligence, Automation, Incident Response, and Threat Hunting
5
Chapter 3: Threat Intelligence and Analysis
Chapter 3: Threat Intelligence and Analysis
What is threat intelligence?
Automated threat intelligence
Setting up TheHive and Cortex
Setting up MISP
Integrating Wazuh with TheHive
Integrating TheHive and Cortex with MISP
Use cases
Summary
6
Chapter 4: Security Automation Using Shuffle
Chapter 4: Security Automation Using Shuffle
What is SOAR?
How a SOC analyst uses SOAR
Introduction to Shuffle
Retrieving Wazuh alerts
Remotely managing Wazuh
Important Shuffle apps
Summary
7
Chapter 5: Incident Response with Wazuh
Chapter 5: Incident Response with Wazuh
Introduction to incident response
Incident response automation
Wazuh active response
Blocking unauthorized SSH access
Isolating a Windows machine post-infection
Blocking RDP brute-force attacks
Summary
8
Chapter 6: Threat Hunting with Wazuh
Chapter 6: Threat Hunting with Wazuh
Proactive threat hunting with Wazuh
Log data analysis for threat hunting
MITRE ATT&CK mapping
Threat hunting using Osquery
Command monitoring
Summary
9
Part 3: Compliance Management
Part 3: Compliance Management
10
Chapter 7: Vulnerability Detection and Configuration Assessment
chevron up
Chapter 7: Vulnerability Detection and Configuration Assessment
Introduction to vulnerability detection and security configuration management
PCI DSS
NIST 800-53
HIPAA
Summary
11
Chapter 8: Appendix
Chapter 8: Appendix
Custom PowerShell rules
Custom Wazuh rules for Auditd
Custom Wazuh rules for Kaspersky Endpoint Security
Custom Wazuh rules for Sysmon
Summary
12
Chapter 9: Glossary
Chapter 9: Glossary
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
R
S
T
V
Y
13
Index
Index
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

PCI DSS

Credit card fraud is one of the most common types of bank fraud. A record $34.36 billion was lost to fraud on credit and debit cards in 2022, up almost 5% from the previous year (http://tinyurl.com/4dymuc8d). Payment Card Industry Data Security Standard (PCI DSS) compliance plays an important role because it forces organizations to safely and securely store and process payment card information. This protects both companies and their customers from data breaches and financial losses. For any organization to become PCI DSS compliant, it needs to fulfill 12 requirements drafted by PCI DSS. The Wazuh platform plays a crucial role in fulfilling some of the most critical PCI DSS requirements. In this chapter, we will address some of the important PCI DSS requirements:

  • What is PCI DSS compliance?
  • Requirements of PCI DSS compliance
  • Wazuh use cases for PCI DSS compliance

What is PCI DSS compliance?

PCI DSS compliance was developed by Visa, MasterCard, Discover...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 3
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY