Wazuh Active Response and AbuseIPDB - Dynamically Block Known Malicious IPs with Wazuh

preview_player
Показать описание
Join me as we integrate Wazuh's Active Response and AbuseIPDB. Block known malicious IPs with Wazuh and the AbuseIPDB API! Let's deploy a Host Intrusion Detection System and SIEM with free open source tools. Join me as we explore and learn together.

  1. Taylor Walton
  2. wazuh
  3. abuseipdb
  4. integration
  5. api
  6. threat feed
Рекомендации по теме
Wazuh Active Response 0:18:52

Wazuh Active Response and AbuseIPDB - Dynamically Block Known Malicious IPs with Wazuh

Windows Firewall Auto 0:18:37

Windows Firewall Auto Blocking With Wazuh - Auto Block Connections to Malicious IPs with Wazuh!

Wazuh and AbuseIPDB 0:19:02

Wazuh and AbuseIPDB - Integrating Wazuh and AbuseIPDB API

Setting Up Virus 0:12:50

Setting Up Virus Total With Wazuh For Windows Endpoint

Block Unwanted Software 0:33:50

Block Unwanted Software With Wazuh! - Proactively Kill Untrusted Software on Windows

Auto Remove Malware 0:27:29

Auto Remove Malware With Wazuh Active Response! - Let's Build a Host Intrusion Detection System

Quarantine Malware with 0:25:41

Quarantine Malware with Wazuh + YARA

Automate Yara Scans 0:18:11

Automate Yara Scans with Wazuh! - Let's Build A Host Intrusion Detection System

Checking IP Against 0:03:59

Checking IP Against AbuseIPDB.com

Curso SIEM Wazuh 0:32:36

Curso SIEM Wazuh Parte 16 - Cadastro e Integração AbuseIPDB com Wazuh através da API Grátis!

demo CDB lists 0:13:01

demo CDB lists and threat intelligence on Wazuh

Automate OSQUERY with 0:17:22

Automate OSQUERY with Wazuh - Let's Build A Host Intrusion Detection System

Two Minute Integration 0:02:04

Two Minute Integration Overview: AbuseIPDB

Wazuh Health Monitoring 0:23:37

Wazuh Health Monitoring - Automate the Health of Your Wazuh Managers

Observing System Resources 0:17:45

Observing System Resources with Wazuh

Detect Reverse Shells 0:34:52

Detect Reverse Shells With Wazuh! - Let's Build A Host Intrusion Detection System

Wazuh Custom Decoders 0:40:17

Wazuh Custom Decoders - Ingest Any Log Into Wazuh By Building Your Own Decoders!

Detecting Dirty Cow 1:15:13

Detecting Dirty Cow Privesc Attacks vs Security Onion with Wazuh added! Host based detection

Wazuh in Phishing 0:03:50

Wazuh in Phishing Attack

Isolate a Compromised 0:27:43

Isolate a Compromised Server Before It Infects Others! Let's Build a Host Intrusion Detection S...

How To Exploit 1:07:57

How To Exploit & Detect Linux Reverse Shells, Security Onion IDS - Wazuh EDR, Fun lab, must watc...

Shuffle + Wazuh 0:46:50

Shuffle + Wazuh + TheHIVE + Cortex = Automation Bliss

Wazuh - Reverse 0:04:11

Wazuh - Reverse Shell (CVE-2018-7600)

Episode 460 - 0:08:24

Episode 460 - Tools, Tips and Tricks - AbuseIPDB

Комментарии
Автор

All your videos are great!
I'm waiting for the next one, I would like you to do a talking about how I can manage the logs so as not to compromise the size of the disk.

marciolima
Автор

I love it, it's going a little bit beyond detection with abuseipdb (previous video), including blocking. Good and detailed explanation. How about making an integration video with wazuh, some opensource antiransomware for windows (Yjesus/antiransomware on github, or any other), or also some opensource edr. I can also think of any opensource antiddos integration? I have seen almost all the videos of wazuh and I have assembled it in my house. Thanks for entertaining me on weekends!!!

oscarmarte
Автор

wonderful video. i love the way you explain the actions you take.

dcj
Автор

Why are my iptables not showing the IP addresses that have been added? Does this have any effect because my firewall is turned off? the activity in integration. log is running, but the event in Wazuh is not showing. Wazuh manager is installed on CentOS 7.

JonathanRoy
Автор

Can you tell how do the same for Windows?

justSamadhi
Автор

your voice has a problem in this video

ghaem