Jul 7, 2022
Gonzalo Abril
Gonzalo Abril
Software Developer

Cybersecurity being such a crucial element in the business environment today, it is necessary to be aware of the most common cyberattacks and how to mitigate them, almost regardless of the role we occupy in the organization.

Gonzalo showed us how Wazuh could be used to help us in this task, as it is a tool that monitors the state of our environment for possible threats and allows us to respond to them quickly and effectively.

In the session, the concepts of SIEM and XDR were presented, in addition to talking about the main solutions used to perform these tasks and how Wazuh compares to it.

After learning a little more about how Wazuh works and its multiple utilities, a POC was performed in which we were shown how it would respond to a brute force attack in real time.

Finally, we were shown how a possible rootkit hidden in the cyberattacker's target machine would be detected.