#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Wazuh | Breaking Cybersecurity News | The Hacker News

Category — Wazuh
Enhancing Incident Response Readiness with Wazuh

Enhancing Incident Response Readiness with Wazuh

Aug 05, 2024 Threat Detection / Network Security
Incident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such as timely detection, comprehensive data collection, and coordinated actions to enhance readiness. Improving these areas ensures a swift and effective response, minimizing damage and restoring normal operations quickly. Challenges in incident response Incident response presents several challenges that must be addressed to ensure a swift and effective recovery from cyber attacks. The following section lists some of these challenges. Timeliness : One of the primary challenges in incident response is addressing incidents quickly enough to minimize damage. Delays in response can lead to more compromises and increased recovery costs. Information correlation : Security teams often struggle to effectively collect and correlate relevant data. Without a comprehensive view, understanding the full scope and impact of the incident becomes difficu
Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity

Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity

Feb 09, 2024 Cloud Security / Open Source XDR / SIEM
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and challenges that demand diligent consideration. In this blog post, we will explore some challenges of cybersecurity in the cloud era. We will also delve into how Wazuh, a cybersecurity solution supporting cloud platforms like Amazon Web Services (AWS), Microsoft Azure, Github, and Google Cloud Platform (GCP), can help address these challenges effectively. The rise of cloud computing Cloud computing deploys services, including servers, storage, software, databases, networking, and intelligence over the Internet " the cloud " to offer flexible resources, faster innovation, and cost efficiencies. Cloud c
The Secret Weakness Execs Are Overlooking: Non-Human Identities

The Secret Weakness Execs Are Overlooking: Non-Human Identities

Oct 03, 2024Enterprise Security / Cloud Security
For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem installations and controlled networks. Data and applications now reside in distributed cloud environments and data centers, accessed by users and devices connecting from anywhere on the planet. The walls have crumbled, and the perimeter has dissolved, opening the door to a new battlefield: identity . Identity is at the center of what the industry has praised as the new gold standard of enterprise security: "zero trust." In this paradigm, explicit trust becomes mandatory for any interactions between systems, and no implicit trust shall subsist. Every access request, regardless of its origin,
Building a Robust Threat Intelligence with Wazuh

Building a Robust Threat Intelligence with Wazuh

Dec 07, 2023 Threat Intelligence / Network Security
Threat intelligence refers to gathering, processing, and analyzing cyber threats, along with proactive defensive measures aimed at strengthening security. It enables organizations to gain a comprehensive insight into historical, present, and anticipated threats, providing context about the constantly evolving threat landscape. Importance of threat intelligence in the cybersecurity ecosystem Threat intelligence is a crucial part of any cybersecurity ecosystem. A robust cyber threat intelligence program helps organizations identify, analyze, and prevent security breaches. Threat intelligence is important to modern cyber security practice for several reasons: Proactive defense:  Organizations can enhance their overall cyber resilience by integrating threat intelligence into security practices to address the specific threats and risks that are relevant to their industry, geolocation, or technology stack. Threat intelligence allows organizations to identify potential threats in advanc
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Protecting your IT infrastructure with Security Configuration Assessment (SCA)

Protecting your IT infrastructure with Security Configuration Assessment (SCA)

Oct 03, 2023 Network Security / XDR / SIEM
Security Configuration Assessment (SCA)  is critical to an organization's cybersecurity strategy. SCA aims to discover vulnerabilities and misconfigurations that malicious actors exploit to gain unauthorized access to systems and data. Regular  security configuration assessments  are essential in maintaining a secure and compliant environment, as this minimizes the risk of cyber attacks. The assessment provides insight into your current security posture by performing configuration baseline checks on services and applications running on critical systems. How SCA works  SCA is performed by checking the configurations of your IT assets against known benchmarks such as the Center for Internet Security (CIS) benchmark and compliance standards such as NIST, GDPR, and HIPPA. Regulatory standards provide a global benchmark for best practices to help organizations enhance their IT hygiene and improve customer trust. The CIS benchmark provides a guideline for best practices for security c
Enhancing Security Operations Using Wazuh: Open Source XDR and SIEM

Enhancing Security Operations Using Wazuh: Open Source XDR and SIEM

Aug 07, 2023 SIEM and XDR Platform
In today's interconnected world, evolving security solutions to meet growing demand is more critical than ever. Collaboration across multiple solutions for intelligence gathering and information sharing is indispensable. The idea of multiple-source intelligence gathering stems from the concept that threats are rarely isolated. Hence, their detection and prevention require a comprehensive understanding of the broader landscape. A comprehensive and robust security framework should be established by aggregating resources, knowledge, and expertise from various sources. This collaborative effort allows for the analysis of diverse data sets, the identification of emerging patterns, and the timely dissemination of crucial information.  In this article, we discuss a versatile security platform that can operate in two distinct roles within a security ecosystem. This platform can function as a subscriber, actively collecting and aggregating security data from various endpoints and other so
How Wazuh Improves IT Hygiene for Cyber Security Resilience

How Wazuh Improves IT Hygiene for Cyber Security Resilience

Jun 01, 2023 Threat Detection / SIEM
IT hygiene  is a security best practice that ensures that digital assets in an organization's environment are secure and running properly. Good IT hygiene includes vulnerability management, security configuration assessments, maintaining asset and system inventories, and comprehensive visibility into the activities occurring in an environment. As technology advances and the tools used by cybercriminals and cybersecurity professionals evolve, the strategies used to carry out cyber attacks differ based on their complexity and uniqueness. Threat actors continuously target organizations practicing poor IT hygiene to exploit known security weaknesses and human error. Security administrators can defend against cyberattacks by implementing good  IT hygiene  practices like whitelisting programs, keeping systems up to date, and more. Gaining complete visibility into the IT assets is fundamental to developing an effective security strategy. The emergence of shadow IT, like rogue assets, s
Protecting your business with Wazuh: The open source security platform

Protecting your business with Wazuh: The open source security platform

Apr 10, 2023 Endpoint Security / Threat Detection
Today, businesses face a variety of security challenges like cyber attacks, compliance requirements, and endpoint security administration. The threat landscape constantly evolves, and it can be overwhelming for businesses to keep up with the latest security trends. Security teams use processes and security solutions to curb these challenges. These solutions include firewalls, antiviruses, data loss prevention services, and XDRs (Extended Detection and Response). Wazuh is a free and open source security platform that unifies XDR and SIEM (System Information and Event Management) capabilities. It comprises a universal security agent for event data collection from various sources and the central components for event analysis, correlation, and alerting. The central components include the Wazuh server, dashboard, and indexer. Wazuh offers a suite of modules capable of providing extended threat detection and response for on-premises and cloud workloads.  In this article, we emphasize the
Auditing Kubernetes with Open Source SIEM and XDR

Auditing Kubernetes with Open Source SIEM and XDR

Feb 01, 2023 SIEM / Kubernetes
Container technology has gained traction among businesses due to the increased efficiency it provides. In this regard, organizations widely use Kubernetes for deploying, scaling, and managing containerized applications. Organizations should audit Kubernetes to ensure compliance with regulations, find anomalies, and identify security risks. The Wazuh open source platform plays a critical role in monitoring Kubernetes and other components of an organization's infrastructure. What is Kubernetes? Kubernetes is an open source container management solution that automates the deployment and scaling of containers and also manages the life cycle of containers. It organizes containers into logical units for simple management and discovery. Kubernetes extends how we scale containerized applications so that we may use a truly persistent infrastructure. You can build cloud-native applications based on microservices with Kubernetes. Enthusiasts view Kubernetes as the cornerstone of application m
How XDR Helps Protect Critical Infrastructure

How XDR Helps Protect Critical Infrastructure

Dec 07, 2022 SIEM / XDR / Threat intelligence
Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Safety and security are necessary for the optimal operation of these critical infrastructures. Critical infrastructure is made up of digital and non-digital assets. Organizations must stay ahead of cybersecurity threats to prevent failures caused by cyber attacks on critical infrastructure. Finding ways to protect digital assets in an ever-changing landscape filled with threats is a continuous activity. Organizations must also employ efficient security solutions and best practices to stay protected and reduce the chances of compromise. Security solutions help secure and improve the visibility of an organization's threat landscape. Different solutions use different concepts and approaches. An important concept that has risen recently
Expert Insights / Articles Videos
Cybersecurity Resources