Wazuh SIEM & XDR: 5 – Active Response and Automated Defense скачать в хорошем качестве

Wazuh SIEM & XDR: 5 – Active Response and Automated Defense

Video Content 00:00 – Introduction to Active Response in Wazuh 00:36 – Windows Brute Force Attack and Auto Blocking 05:51 – Linux SSH Brute Force with Timed Blocking 10:42 – BlackSuit Ransomware Behavior Detection 15:14 – Malware Detection and Automatic Removal 18:21 – USB Device Detection on Windows and Linux 27:59 – Summary and Closing Video Description In this video, we explore Active Response in Wazuh and demonstrate how it enables automated, real-time security actions instead of just alerting. The video includes three hands-on demos using real systems and real attack activity: Automatically detecting and blocking brute-force attacks on Windows and Linux Detecting BlackSuit ransomware behavior using activity-based detection and responding to confirmed malware Identifying authorized and unauthorized USB devices across Windows and Linux environments Throughout the demos, we show how Wazuh correlates events, executes active response scripts, and enforces security controls automatically to reduce response time and analyst workload.