Wazuh SIEM Technical Session

Wazuh SIEM is a security platform that centralizes events generated across the IT infrastructure to identify threats and anomalies in real time.

In our next training session, discover what Wazuh is, its architecture, the methods available for event collection, Wazuh agents, and how it identifies malicious commands.

Agenda

10:00h NexTReT Presentation
10:05h What is Wazuh SIEM?
10:15h Wazuh SIEM Architecture
10:30h Methods available for event collection
10:40h Wazuh Agents

  • Agent deployment
  • Centralized agent update
  • Leaky Bucket and Settings

10:50h Lab: Identification of potentially malicious PowerShell commands

  • Windows Event Channel
  • Rules, decoders and troubleshooting
  • Detection of a malicious PowerShell command executed on an endpoint
  • Custom Dashboard

11:05h Questions and answers
11:15h End of session

Ask for the video!


The event is finished.

Date: 18 Sep 2024
Time: 10:00 am - 11:15 am
Location: Webinar