Threat detection and response with WAZUH part-3: Vulnerabilities

Vulnerabilities are innate security flaws in computer systems that can be exploited by hostile actors to break into and breach these systems. When these vulnerabilities are effectively exploited, malware and bad actors can enter the system and carry out nefarious tasks including data exfiltration, remote code execution, etc. Thus, in …

Threat detection and response with WAZUH part-2: Agent Installation

In my preceding blog entry, available at this link, I provided a tutorial on the installation of WAZUH SIEM within a Dockerized environment. In this subsequent post, I will elucidate the procedure for deploying and configuring a WAZUH agent on an endpoint system to facilitate log forwarding. Prerequisites Before you …

Threat detection and response with WAZUH part-1

WAZUH is an open-source security monitoring solution that helps organizations detect and respond to cyber threats. It provides a centralized view of your security posture, allowing you to monitor and secure your infrastructure, applications, and networks in real time. It includes a variety of features and capabilities such as: Intrusion …

Ansible for Beginners: Manage cisco router with ansible role

Breaking up an Ansible playbook with tasks, variables, configuration templates and other supporting files is called a role. A role can be used independently, but has to be used within a playbook. It has its own directory structure. Roles in Ansible are very robust, and you can reuse them once created. In …

Ansible playbook for spin up droplets in DigitalOcean

Ansible is an open source configuration management tool, and is popular for provisioning infrastructure. In this blog post I’ll show you how easily you can spin up multiple droplets in DigitalOcean. The full code can be downloaded from here. Prerequisite Ansible should be installed on your host and you should …

It all starts with an [SPAM] email

SPAM (or more specifically phishing) email is the most popular and effective weapon of cyber attack nowadays. What is the first thing people do after receiving a spam email? Some get caught in the spammer’s net, some ignore it, some delete the email, but as a security enthusiast …

from Zero to Swarm, your one stop Docker shop

Docker is the most popular container technology nowadays. By nature it’s an application container, which means if you want Apache you will get Apache inside your container. Or if you want to run MySQL inside your container, it’s MySQL only. Got the picture? Cool. In this post I’ll show you …

Ansible for Beginners: Manage cisco router with ansible playbook

In my previous post I showed you what a playbook is, how to write one and how you can run it. In this post I’ll show you another playbook which will be used for managing a Cisco router. I’ll use the simple topology below for this tutorial. (All files …

Ansible for Beginners: Introduction and Installation

Managing an infrastructure is a big challenge nowadays. Most infrastructure is made of heterogeneous devices. To manage all these devices, you need special people and skills. To run all the devices efficiently and to get the maximum benefit from those devices you have to build …
