All CosmicBytez Labs articles tagged #SIEM, across news, security advisories, how-to guides, and projects.
Use SQL to query your endpoints like a database. Deploy osquery across Linux and Windows hosts to surface process trees, network connections, user activity, and persistence mechanisms — then build detection queries for real-world threat hunting.
Deploy Zeek (formerly Bro) on Linux to passively monitor network traffic, generate structured logs, write detection scripts, and forward data to your SIEM...
Deploy Suricata as a full-featured Network Intrusion Detection and Prevention System on Ubuntu. Covers installation, interface capture, Emerging Threats...
A critical remote code execution vulnerability (CVSS 9.1) in Wazuh versions 4.0.0–4.14.2 allows an attacker with access to a worker node to achieve root...
A critical privilege escalation vulnerability (CVSS 9.1) in Wazuh versions 3.9.0–4.14.2 allows authenticated cluster nodes to overwrite the manager...
Step-by-step guide to deploying Wazuh as an open-source SIEM and XDR platform. Covers server installation, agent deployment across Windows and Linux,...
End-to-end SOC guide for Microsoft Sentinel: build KQL-based scheduled and NRT analytics rules, wire automation rules for incident triage, and deploy...
Configure FortiAnalyzer for centralized logging, SIEM integration, and compliance reporting. Covers syslog forwarding, custom log handlers, and PCI/HIPAA...
Deploy Microsoft Sentinel as your cloud-native SIEM with data connectors, analytics rules, workbooks, and SOAR automation for comprehensive security operations.
Step-by-step project guide for building a functional SIEM using Wazuh, Elastic, and Grafana. Perfect for homelabs and small businesses.