Опубликовано: День назад

Two3 Cybersecurity
подписчиков: 398

Let's monitor events from our Windows 10 Testing Client by installing the Wazuh Agent on it. For this we'll be logging into the Wazuh web interface, and following the "Deploy a new agent" wizard.
Don't worry about the large amount of events from the SCA (Security Configuration Assessment), it's done when a new agent is deployed for audit and compliance purposes.
In the next videos, we'll ingest Sysmon and PowerShell logs to get some more visibility on our client before starting to analyse some malicious activity.
➡️ Subscribe to Two3 Cybersecurity here to never miss a beat: / @two3cyber
💻 MY SETUP
CPU: Intel i7-9700k @ 4.9GHz All Cores
RAM: Corsair Vengeance LPX 32GB 3200MHz DDR4
GPU: ASUS TUF NVIDIA RTX 3070Ti
MoBo: Gigabyte Z390 AORUS Ultra
Case: Fractal Design Define R4 Black Pearl
K+M: Durgod K320 TKL + MX Master 3S
Mic: Shure MV7 Podcast Microphone
Cam: Logitech Brio 4K Webcam with HDR
#cybersecurity #wazuh #two3cyber #soc