One of the most underrated youtuber in cybersecurity domain. Wishing you to reach more subscribers in future as these kinds of contents will be useful for many in this modern technology based society. Appreciate your consistency and determination on making these contents brother. Love from India ❤
Wazuh is awesome! You should do more Wazuh tutorials for those unfamiliar, it'd help save so many ppl's data. Absolutely wonderful video man, glad your part of the cyber security community! 🤘🏼😎
Great video. I got your class course, and I was used Wazuh as additional SiEm tool to monitor on top of Splunk. With the FMI I will have more conf on windows and other OS. Thank you again 🎉for
This vid is gold! Ive been using wazuh on a virtual machine for awhile to learn it. Its been great. Specially when poking my windows machine with kali linux and then check wazuh dashboad
This was great and very informative! More Wazuh content, please. This Wazuh update with FIM looks like a great monitoring tool. How does Wazuh compare with Lima Charlie? Which is a more comprehensive security tool and why? Thank you in advance for any info you can provide! 🙂
Great question! They both have their pros and cons but the main difference here is that LimaCharlie is more modular if that makes sense. It can work with practically any tool. Wazuh is more of a complete solution if tuned/configured properly. If possible, I would use both tools :)
From today, you earned my subscription and I take you as my mentor. please accept me. I love the way you take your time to explain. I would want to implement wazuh in my present organization because we do not have a cyber security team and I would like to break into that space. we have a file server and a domain controller and 3 other member servers. My main question is, ON WHICH SERVER WOULD I INSTALL WAZUH. Hope to get a response.
Fantastic video! I do have two questions: If I have multiple endpoints, how do I easily add custom paths to monitor in FIM? Do I have to manually edit the ossec.conf in every endpoint? Second question: Instead of drilling down to look for an alert in a every single endpoint, does the fim alerts appear in the top/main dashboard?
You can use a centralized config file documentation.wazuh.com/current/user-manual/reference/centralized-configuration.html and use the alerts dashboard for an overview rather than drilling down into each host
This is brilliant Steven...but the question I have is this...In a real life scenario how would you install the agent unto the pc to monitor it if it belongs to a staff or is there a way to automatically have it installed by default through active directory or something...Maybe through the office domain and all
Ive seen this done via GPO, SCCM, or manually via remote support. Really depends on the organization. As per Wazuh documentation “If you are deploying Wazuh in a large environment, with a high number of servers or endpoints, keep in mind that this deployment might be easier using automation tools such as Puppet, Chef, SCCM, or Ansible.”
Hi, Would love to know how will you document for learning purposes after performing an attack such as using Atomic Red Team I followed your video and bought your roadmap thanks!
Completely up to you! Some examples can be to create a step by step on how to setup/execute attacks and/or create a how to document on detecting the attacks you ran. Thanks for the support!
One of the most underrated youtuber in cybersecurity domain. Wishing you to reach more subscribers in future as these kinds of contents will be useful for many in this modern technology based society. Appreciate your consistency and determination on making these contents brother. Love from India ❤
Wow, thank you! That means a lot to me ❤️
Wazuh is awesome! You should do more Wazuh tutorials for those unfamiliar, it'd help save so many ppl's data.
Absolutely wonderful video man, glad your part of the cyber security community! 🤘🏼😎
Thank you! I will definitely continue to provide tutorials for you all ❤️ thanks for watching.
@@MyDFIR Thank YOU! That's very much appreciated. 🙂
Wazuh is super tool! Please, make more wazuh tutorials, and thank you for your videos!
More to come!
You just won a subscriber.
This is just what i was looking for all over UA-cam.
Please provide more on both ubuntu and windows os.
💯🔥
Thank you!
Thanks am learning something from uganda africa
Nice!
An updated wazuh installation and configuration vid would be great. Particularly in docker
Great idea!
Awesome job..excellent and clear to understand tutorial
Glad it was helpful!
Great video. I got your class course, and I was used Wazuh as additional SiEm tool to monitor on top of Splunk. With the FMI I will have more conf on windows and other OS.
Thank you again 🎉for
Awesome!! Thanks for your support and I hope you learned a lot ❤️
@@MyDFIR I do I do
Omg!! It was wanderfull. Hopefully you will include in your course
Thanks!
nice sharing, please share it more
Thanks for watching!
Thank you very much! Amazing video man... I've learned a lot. More videos on Wazuh BTT🙂
My pleasure 💙
Loved your video on FIM also!
Glad you enjoyed it!
More Wazuh content please, im trying to monitor a specific directory on mac but its not working
This vid is gold! Ive been using wazuh on a virtual machine for awhile to learn it. Its been great. Specially when poking my windows machine with kali linux and then check wazuh dashboad
Glad it helped! I’ll definitely put that to the list
Fantastic explanation!! Just subscribed 👍
Awesome, thank you!
I am loving Wazuh!!!
Glad to hear!!
This was great and very informative! More Wazuh content, please. This Wazuh update with FIM looks like a great monitoring tool. How does Wazuh compare with Lima Charlie? Which is a more comprehensive security tool and why? Thank you in advance for any info you can provide! 🙂
Great question! They both have their pros and cons but the main difference here is that LimaCharlie is more modular if that makes sense. It can work with practically any tool. Wazuh is more of a complete solution if tuned/configured properly. If possible, I would use both tools :)
Thank you for this!!
You're so welcome!
From today, you earned my subscription and I take you as my mentor. please accept me. I love the way you take your time to explain. I would want to implement wazuh in my present organization because we do not have a cyber security team and I would like to break into that space. we have a file server and a domain controller and 3 other member servers. My main question is, ON WHICH SERVER WOULD I INSTALL WAZUH. Hope to get a response.
Ideally you would spin up another server dedicated to Wazuh.
Fantastic video! I do have two questions: If I have multiple endpoints, how do I easily add custom paths to monitor in FIM? Do I have to manually edit the ossec.conf in every endpoint? Second question: Instead of drilling down to look for an alert in a every single endpoint, does the fim alerts appear in the top/main dashboard?
You can use a centralized config file documentation.wazuh.com/current/user-manual/reference/centralized-configuration.html and use the alerts dashboard for an overview rather than drilling down into each host
we need another project with wazuh and caldera
Oooo 👀👀
Love to see your videos
Thank you for watching ❤️
This is a great video, thanks for sharing. :)
Thanks for watching!
This is brilliant Steven...but the question I have is this...In a real life scenario how would you install the agent unto the pc to monitor it if it belongs to a staff or is there a way to automatically have it installed by default through active directory or something...Maybe through the office domain and all
Ive seen this done via GPO, SCCM, or manually via remote support. Really depends on the organization. As per Wazuh documentation “If you are deploying Wazuh in a large environment, with a high number of servers or endpoints, keep in mind that this deployment might be easier using automation tools such as Puppet, Chef, SCCM, or Ansible.”
@@MyDFIR Okay...thanks alot brother
Hey bro,can you do a video on how to integrate wazuh with slack to get real time alerts
Great idea, ill add that into my content list!
Hi,
Would love to know how will you document for learning purposes after performing an attack such as using Atomic Red Team I followed your video and bought your roadmap thanks!
Completely up to you! Some examples can be to create a step by step on how to setup/execute attacks and/or create a how to document on detecting the attacks you ran. Thanks for the support!
👍
How can i know if wazuh is compromised by hacker? The dashboard ce showed a few File deleted the wazuh manager host device.
Hello! Quick question, are you running all these methods inside a virtual machine? Cause i'm thinking of creating one through microsoft azure
Yup! Every lab video I use a VM as it’s easier for clean up when done.
@@MyDFIR alright, thank you. Will try doing this and exploring some more as an additional to my portfolio.
can all the fim configuration be done centrally in agent.conf? I'm guessing yes.
Spot on!
I have one question ccna or comptia network+ which one is best for cybersecurity...
Both are good and both are optional but you must at the very least, understand networking concepts.
Which siem tool best to learn for beginners?
Any free one that you can put your hands on :) Wazuh is great