#Wazuh

[BSides Tokyo 2026 Speaker Reveal]
Gabriel Rodrigues de Oliveira: "Who protect the defender?"

Master is king in SIEM/XDR, but what if the hierarchy is reversed? Explore the Wazuh RCE discovery.

🔗 bsides.tokyo/en/2026/n22/
🎟️ peatix.com/event/4825609/

#BSidesTokyo #Wazuh #SIEM

Leveraging Wazuh detection and alerting with Clickdetect | Anomaly Detection | Multiple Source
Learn how to extend Wazuh with Clickdetect and ClickHouse for SQL-based threat detection, multi-source correlation, anomaly detection, and batched alerts

Leveraging Wazuh detection and alerting with Clickdetect | Anomaly Detection | Multiple Source Correlation | by Vinicius Morais

medium.com/@souzo/lever...

#cybersecurity #siem #wazuh


🔍 Wazuh: The Ideal SIEM Solution! 🛡️
Wazuh is an open source platform that offers robust security monitoring and incident response. Protect your company in real time!
👉 Find out how: Wazuh, the Right SIEM.
#Cibersegurança #Wazuh #SIEM #XDR

Wazuh for Proactive Vulnerability Management
Vulnerability management has evolved from periodic scanning to a continuous, threat-aware process that prioritizes exploit activity, asset criticality, and real-time detection. Wazuh enables this proactive model by unifying vulnerability visibility, threat intelligence, and telemetry to detect exploitation attempts and validate remediation. #Wazuh #CVE-2025-55182

Wazuh transforms vulnerability management from periodic scans to continuous, threat-aware detection by integrating threat intelligence, asset criticality, and real-time telemetry for proactive remediation. #VulnManagement #ThreatIntel #Wazuh

Detecting and responding to GreenBlood ransomware with Wazuh
GreenBlood ransomware is a Go-based ransomware family that has recently emerged in the threat landscape, targeting Windows environments while employing a double-extortion model. The malware is engineered for high-speed execution and parallel file encryption, leveraging the performance and portability benefits of a compiled, statically linked language. This design allows GreenBlood to rapidly impact infected systems […]

Originally from Wazuh: Detecting and responding to GreenBlood ransomware with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

Enriching Wazuh vulnerability detection with Google Gemini integration
Organizations constantly struggle with vulnerabilities affecting operating systems, applications, and third-party software. These weaknesses expand the attack surface and can be exploited by attackers to compromise the confidentiality, integrity, or availability of systems. Wazuh offers vulnerability detection capability that identifies vulnerabilities in systems and software. However, security analysts must also determine a vulnerability’s exploitability, potential […]

Originally from Wazuh: Enriching Wazuh vulnerability detection with Google Gemini integration ( :-{ı▓ #wazuh #siem #cyberresearch

Detecting and responding to Cephalus ransomware with Wazuh
Cephalus ransomware surfaced in mid-August 2025 and quickly attracted attention for its stealth and operational precision. The threat actors demonstrate a clear financial motivation and rely on initial access vectors. They exploit weak or exposed Remote Desktop Protocol (RDP) configurations, particularly targeting accounts lacking Multi-Factor Authentication (MFA) protection, to gain unauthorized access. Cephalus ransomware targets […]

Originally from Wazuh: Detecting and responding to Cephalus ransomware with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

Open source software as the future of cybersecurity
Open source software makes its source code publicly available, allowing anyone to inspect, audit, and improve it. This transparency creates verifiable trust, where security claims can be independently validated by a global community instead of taken on faith. Open source licenses give users full control to understand, customize, and extend the software to meet their […]

Originally from Wazuh: Open source software as the future of cybersecurity ( :-{ı▓ #wazuh #siem #cyberresearch

Detecting and responding to Rhadamanthys stealer with Wazuh
Rhadamanthys Stealer is a credential-harvesting malware sold as Malware-as-a-Service (MaaS). It is known for its modular architecture, data-stealing capabilities, and continuous updates driven by criminal marketplaces. Attackers distribute Rhadamanthys stealer via phishing emails, cracked software, malicious ads, and fake installers. The stealer primarily targets Windows endpoints to extract browser passwords, crypto wallets, system metadata, autofill […]

Originally from Wazuh: Detecting and responding to Rhadamanthys stealer with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

Scaling Enterprise XDR with a Distributed Wazuh High Availability Cluster on Proxmox

Execute a Wazuh HA cluster deployment. Master distributed indexing, Suricata log ingestion, and XDR orchestration to secure complex enterprise networks.

#wazuh #solideinfo #cybersecurity

Incident management with Wazuh and Rootly
Incident management involves detecting, responding to, and resolving unplanned events efficiently across systems and teams. It is important for organizations aiming to reduce downtime, mitigate risks, and maintain operational resilience. Incident management platforms like Rootly are designed to streamline and automate response workflows for engineering, operations, and security teams. Integrating Rootly with Wazuh connects Wazuh […]

Originally from Wazuh: Incident management with Wazuh and Rootly ( :-{ı▓ #wazuh #siem #cyberresearch

Monitoring access control violations with Open Policy Agent (OPA) and Wazuh
Access control protects the confidentiality, integrity, and availability of systems and data. It is important because attackers frequently exploit legitimate accounts, excessive permissions, and weak policy enforcement to blend into normal operations. While access control systems are designed to prevent unauthorized actions, the decisions they generate, such as denied requests, privilege escalations, or anomalous authorization […]

Originally from Wazuh: Monitoring access control violations with Open Policy Agent (OPA) and Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

Automating Windows endpoint hardening with Wazuh
Endpoint hardening is a continuous process for securing modern IT environments against vulnerabilities and misconfigurations. It reduces the attack surface of endpoints and strengthens defenses against cyber threats by enforcing standardized security configurations. Organizations typically rely on established guidelines such as the Center for Internet Security (CIS) Benchmarks and frameworks like NIST, which provide best […]

Originally from Wazuh: Automating Windows endpoint hardening with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

Bypassing Wazuh's UNC Mitigation in Windows OSQuery via \\?\UNC\ (CVE-2025-30201 / GHSA-x697-jf34-gp5x)
How I bypassed Wazuh's UNC path mitigation in Windows OSQuery using extended-length UNC paths (\\?\UNC\), leaking NetNTLMv2 hashes despite the original CVE-2025-30201 fix.

Found a bypass in Wazuh's UNC path validation for Windows agents. Standard UNC paths were blocked, but extended-length paths (\\?\UNC\) slipped through. Can lead to NTLM relay and AD compromise.

CVSS 7.7 High, patched in 4.14.3.

Writeup: moltenbit.net/posts/wazuh-...

#infosec #bugbounty #wazuh

Auditing Kubernetes with Wazuh
It is essential to log and audit Kubernetes cluster events. Check our new blog post to learn how to audit Kubernetes events with Wazuh.

Originally from Wazuh: Auditing Kubernetes with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch


📊 NEW: Send pfSense Logs to Wazuh SIEM!

Centralized firewall logging with syslog-ng. Real-time threat detection & compliance monitoring.

📖 Read: devopstales.github.io/linux/wazuh-...

#pfSense #Wazuh #SIEM #Security #Logging

Detecting and responding to Salat stealer with Wazuh
Salat stealer is a rapidly emerging Go-based information stealer offered under a Malware-as-a-Service (MaaS) model, enabling widespread access to the malware for threat actors. The malware leverages dedicated command and control (C2) infrastructure to manage infected endpoints and exfiltrate stolen data at scale. It primarily targets Windows endpoints to collect browser credentials, Telegram sessions, and […]

Originally from Wazuh: Detecting and responding to Salat stealer with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch

Detecting DNS tunneling attacks with Wazuh
DNS tunneling allows attackers to hide malicious data and commands within legitimate Domain Name System (DNS) traffic, bypassing firewalls and security controls. Attackers exploit the fact that DNS traffic is often permitted on networks without deep inspection to encode sensitive data and commands into DNS queries and responses. This creates a covert communication channel between […]

Originally from Wazuh: Detecting DNS tunneling attacks with Wazuh ( :-{ı▓ #wazuh #siem #cyberresearch


Wazuh + Grafana is a great combo. You can do so much more with Grafana on so many platforms. Here I have it monitoring my Office365 tenant. There's A TON more data it is showing, but I am not showing that for obvious reasons here.

#Cybersecurity #Grafana #Wazuh #SIEM

Original post on social.marud.fr

People who use #wazuh, there's something that really triggers me...
The sshd logs aren't parsed correctly because the month is in French format

Like, this doesn't get through:

mars 06 17:34:00 MACHINE sshd-session[1178569]: Connection closed by authenticating user postgres 14.20.15.24 port […]


A homelab without a SIEM is just optimism.
Wazuh detecting Synology DSM login failures:
1 Critical | 41 Medium | Security score 40%
Logs. Correlation. Visibility.
Garage infrastructure. Enterprise mindset.
#Wazuh #HomeLab #CyberSecurity #SelfHosted
