JANUARY 2023
SOCFortress.
Your Open-Source Incident Response Platform.
SOC as a Service for MSPs and MSSPs
P
|
socfortress
SIEM StackService Deployment Plans
SIEM in the making
Infrastructure for EndPoint Telemetry.
Log Collection of all Network Devices and Security Infra.
3rd Party Integrations.
Threat Intel (SOCFortress API).
SIEM stack performance Monitoring.
Alerting and Notifications.
Cold Storage.
Contact
SOC Ready
SIEM in the making +
Advanced Detection Rules: De-facto standard for SIEM rules Sigma
High Risk Vulnerability Reporting: EPSS to spot critical vulnerabilities
Case Management: Collaborate, enrich, and respond to high severity alerts all in real time
Incident Response: Investigate alerts by interacting with the monitored endpoints
SOAR Automation: Integrate your security stack with advanced and fully automated workflows
Contact
MSSP Ready
SOC Ready +
SOPCFortress CoPilot: Orchestrate your SIEM stack
Security Homepage: Keep your team organized with a security homepage
Key Performance Indicators: Give your clients oversight into the company's security posture
Contact
Prevention | Detection | Response.
Unify Cyber Risk Evaluation, Threat Intelligence and Security Orchestration, Automation, and Response (SOAR).
Built For SpeedPlatform Features
Rich Dashboards.
Analysis
Continuous Risk Assessment
SaaS
Case Management and Alerting.
SOC as a Service for MSPs/MSSPsWhy Organizations Choose SOCFortress
Standardized Processes for Incident Response. Record, Analyze, and Interact with All Information Related to a Case. Digital forensics that facilitate artifact collection.
SOAR
Entire security lifecycle. Continuous feedback and improvement loop. External threat intelligence and internal security ops, directing action against the threats that matter most. The efficiency of those actions is continually improved through Playbooks and automated Workflows. The outcomes of those actions further feed intelligence.
Continuous Security
Integrations let you collect and report metrics and events across your entire infrastructure. Get a real-time view of your enterprise or cloud infrastructure.
System Metrics
Different types of Alerts based on events and Anomaly Detection. Notifications via e-mail, Slack, etc. Metrics & Log Alerts: Anomalies and Thresholds.
Alerting
Access data, Indicators of Compromise and events severity. Share security cases and events metadata with other team members.
Case Management
Transitioning from a Managed Service Provider (MSP) to a Managed Security Service Provider (MSSP) involves several challenges and benefits.
Expanded capabilities for MSPs.
Facilitate collaboration between IT security and operations teams and integrate the technology and processes to keep systems and data secure. Reduce risk and improve business agility.
SecOps
More than log management. Based on Elasticsearch in the Cloud without paying expensive consultants. Get all the benefits of an Elasticsearch and Grafana without the overhead of managing it yourself.
Log Analysis
Proactive Threat Intel Analysts. Threats prioritization and actionable responses. Automated tasks and playbooks.
Layered ThreatIntel
Standardized Processes for Incident Response. Record, Analyze, and Interact with All Information Related to a Case. Digital forensics that facilitate artifact collection.
SOAR
Entire security lifecycle. Continuous feedback and improvement loop. External threat intelligence and internal security ops, directing action against the threats that matter most. The efficiency of those actions is continually improved through Playbooks and automated Workflows. The outcomes of those actions further feed intelligence.
Continuous Security
Integrations let you collect and report metrics and events across your entire infrastructure. Get a real-time view of your enterprise or cloud infrastructure.
System Metrics
Different types of Alerts based on events and Anomaly Detection. Notifications via e-mail, Slack, etc. Metrics & Log Alerts: Anomalies and Thresholds.
Alerting
Access data, Indicators of Compromise and events severity. Share security cases and events metadata with other team members.
Case Management
Transitioning from a Managed Service Provider (MSP) to a Managed Security Service Provider (MSSP) involves several challenges and benefits.
Expanded capabilities for MSPs.
Facilitate collaboration between IT security and operations teams and integrate the technology and processes to keep systems and data secure. Reduce risk and improve business agility.
SecOps
More than log management. Based on Elasticsearch in the Cloud without paying expensive consultants. Get all the benefits of an Elasticsearch and Grafana without the overhead of managing it yourself.
Log Analysis
Proactive Threat Intel Analysts. Threats prioritization and actionable responses. Automated tasks and playbooks.
Layered ThreatIntel
Standardized Processes for Incident Response. Record, Analyze, and Interact with All Information Related to a Case. Digital forensics that facilitate artifact collection.
SOAR
Where Observability meetsSecurity
Service portal, dashboards, metrics and security events.
SOCFortress service portal is based on the visualization tool Grafana. After accessing the service portal with your credentials a landing page is loaded with metrics and events summaries. From here you can start evaluating monitoring metrics, infra logs, security events, etc.
EDR security events and security feeds.
Quick access to high severity events collected from your end-points and latest events gathered by our threat intel.
MITRE ATT&CK TTPs enrichment.
Security events include MITRE ATT&CK TTP information for better insights.
From Windows Event Logs to full telemetry on processes, network connections, and much more.
SOCFortress EDR covers prevention, detection and response. From the basics of Windows Event Logs to a full range of end-point telemetry and anomaly detection.
Network and Infra Logs
Effective security Analysis requires log collection from all available sources in your environmet. SOCFortress can collect logs from different network and security devices to obtain a complete view and insights for all your IT Infra.
0
Threat Intel - IoC Attributes0
Threat Intel - IoC Categories0
Threat Intel - ATPs0
Threat Intel - IoC TypesNews and SOCFortress BlogLatest Entries
JANUARY 2023 Taylor Walton
SOCFortress.
Part 12. SIGMA rules for the OpenSource SIEM.
JANUARY 2023 Taylor Walton
SOCFortress.
Detect Malcious File Uploads With Wazuh and Yara.
JANUARY 2023 Taylor Walton
SOCFortress.
World’s Best FREE SIEM Stack Series Compilation.
JANUARY 2023 Taylor Walton
Threat Intel.
Part 11. Wazuh Events and MISP Automation.
DEC 2022 Taylor Walton
Threat Detection.
Detecting Abnormal Network Ports With Wazuh.
DEC 2022 Taylor Walton
Threat Intel.
Part 10. MISP Threat Intel.
DEC 2022 Taylor Walton
SOCFortress.
Part 9. Log Normalization.
NOV 2022 Taylor Walton
Threat Intel.
Part 8. Firewall Threat Intel With GreyNoise.
NOV 2022 Taylor Walton
SOCFortress.
Part 7. Firewall Log Collection Made Easy.
NOV 2022 Taylor Walton
SOCFortress.
Part 6. Best Open Source SIEM Dashboards.
NOV 2022 Taylor Walton
SOCFortress.
Part 5. Intelligent SIEM Logging.
OCT 2022 Taylor Walton
SOCFortress.
Part 4. Wazuh Agent Install —Endpoint Monitoring.
OCT 2022 Taylor Walton
SOCFortress.
Part 3. Wazuh Manager Install — Log Analysis.
OCT 2022 Taylor Walton
SOCFortress.
Part 2. Graylog Install — Log Ingestion.
OCT 2022 Taylor Walton
SOCFortress.
Part 1. Wazuh Indexer — SIEM Backend.
OCT 2022 Taylor Walton
SOCFortress.
Build Your Own SIEM Stack with Open Source Tools Series.
AUG 2022 Juan J. Romero
SOCFortress.
Wazuh SIEM Integrations (III) — Microsoft Defender for Endpoint.
AUG 2022 Taylor Walton
SOCFortress.
FREE Wazuh Advanced Wazuh Detection Rules.
AUG 2022 Taylor Walton
Adversary Emulations.
SOCFortress Attack Simulator.
JULY 2022 Juan J. Romero
Adversary Emulations.
Detecting APT29 With SOCFortress.
July 2022 Juan J. Romero
Wazuh SIEM Integrations.
Wazuh SIEM Integrations (II) — WithSecure Elements EPP.
July 2022 Juan J. Romero
Wazuh SIEM Integrations.
Wazuh SIEM Integrations (I) — Sophos Intercept X.
July 2022 Juan J. Romero
ZuoRAT Malware.
ZuoRAT — Wazuh Detection Rules.
June 2022 Juan J. Romero
Windows Registry Forensics.
Windows Registry Forensic Analysis using Chainsaw, Wazuh Agent and Sigma Rules.
June 2022 Juan J. Romero
CVE-2022–26134.
CVE-2022–26134 — Zero-Day Exploitation of Atlassian Confluence.
June 2022 Juan J. Romero
CVE-2022–30190.
Wazuh Detection Rules for MS RCE CVE-2022–30190, “Follina”.
May 2022 Juan J. Romero
Web App Firewalls.
Enforcing Security in Web App Firewalls using Wazuh Active Response.
May 2022 Juan J. Romero
Office 365.
OFFICE 365 — MITRE Enriched Events Using Wazuh Detection Rules.
May 2022 SOCFortress
Incident Response.
FREE Incident Response With Velociraptor.
May 2022 Juan J. Romero
Software Policy.
Monitoring Corporate Software Policies using Wazuh EDR and Sysmon.
May 2022 Juan J. Romero
Observability and Security Monitoring in Containers.
Performance metrics, Vulnerability Analysis and Security Events.
April 2022 Juan J. Romero
Data Exfiltration using ICMP (and how to detect it).
Exfiltration, as described in Mitre Tactic TA0010, consists of techniques adversaries may use to steal data from your network
April 2022 SOCFortress
Understanding Wazuh Decoders.
Build custom decoders to ingest any type of log.
April 2022 Juan J. Romero
CVE 2022–26809: MS-RPC VULNERABILITY.
Microsoft has fixed a new Windows RPC CVE-2022–26809 vulnerability that is raising concerns.
April 2022 SOCFortress
Endpoint Install and User Credentials.
Installing the SOCFortress endpoint and accessing the SOCFortress platform.
April 2022 SOCFortress
SOCFortress Platform.
Interacting With The SOCFortress Platform.
April 2022 SOCFortress
Easiest SIEM Install.
Wazuh, Elasticsearch, Kibana, and Filebeat Docker Install.
April 2022 Juan J. Romero
Adversary Simulations.
Adversary Emulations Using Mitre Caldera and Wazuh EDR, Part II: Discovery.
March 2022 Juan J. Romero
DNS Traffic Insights.
DNS Traffic Insights using Domain Stats and Wazuh EDR.
March 2022 Juan J. Romero
Sysinternals Part II.
Scanning and Analyzing Executable Files by their hash + VirusTotal.
March 2022 Juan J. Romero
Adversary Simulations.
Adversary Simulations Using Mitre Caldera and Wazuh EDR, Part I: Executing the Beacon Payload.
March 2022 Juan J. Romero
Sysinternals Part I.
Wazuh and Sysinternals Integration. Part I: Finding Persistent Footholds.
Feb 2022 Juan J. Romero
SIEM - OpenCTI Integration.
Wazuh manager integration with OpenCTI for Threat Intel.
Feb 2022 Juan J. Romero
Network Scans
How to run network scans integrated in your EDR agents.
Feb 2022 Juan J. Romero
Detect Cobalt Strike Beacons
How to detect Cobalt Strike Beacons, commonly used in Ransomware attacks.
Feb 2022 Juan J. Romero
Monitor your Wazuh Stack
How to gather system metrics and observability using Telegraf and InfluxDB.
Feb 2022 SOCFortress
Enriching Login Attempts with Wazuh and AbuseIPDB
Know when when a known aggressive IP has attempted to SSH into one of your servers.
Feb 2022 Juan J. Romero
The MITRE D3FEND Framework - Part I: HARDEN — PLATFORM HARDENING
Implementing and validating MITRE D3FEND Countermeasures using Wazuh EDR. Part I: HARDEN — PLATFORM HARDENING.
Feb 2022 Juan J. Romero
The MITRE D3FEND Framework - Introduction
This is the first in a series of blog entries covering the MITRE D3FEND Framerowk.
June 2024 Taylor Walton
Upgrading Wazuh to Version 4.8.0.
A Step-by-Step Guide.
June 2024 Taylor Walton
CoPilot
Integrating Duo MFA Authentication Logs with Your SIEM Stack Using Copilot.
June 2024 Juan J. Romero
SOCFortress integrations
Malicious macros detection in MS-Office files using “olevba”.
June 2024 Taylor Walton
CoPilot
Simplify Cloud Security: ScoutSuite and CoPilot.
June 2024 Taylor Walton
CoPilot
Analyzing Processes in Wazuh Alerts with Advanced Risk Scoring from Global Data Using CoPilot.
June 2024 Taylor Walton
CoPilot
How to Ingest Crowdstrike Events into an Open Source SIEM Stack Easily Using Copilot.
May 2024 Taylor Walton
CoPilot
Mastering Wazuh’s Active Response: Block Malicious IPs with CoPilot & Wazuh!.
May 2024 Taylor Walton
CoPilot
Supercharge Your SIEM Stack: Auto-Enrich Wazuh Events with SOCFortress Threat Intelligence.
May 2024 Taylor Walton
CoPilot
Wazuh Rule Writing With CoPilot AI Module.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Trend Micro Deep Security.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Ubiquiti Networks.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Carbon Black EPP.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — CheckPoint Harmony.
March 2024 Taylor Walton
CoPilot
Wazuh Content Pack For Graylog — Easily Configure Your SOCFortress SIEM Stack
March 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cylance EndPoint Protection.
Feb 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Huntress Labs.
Feb 2024 Taylor Walton
CoPilot
CoPilot Install — Updated
Feb 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — ESET EndPoint Protection.
Feb 2024 Taylor Walton
Copilot
CoPilot — Your Next Open Source Security Tool.
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Fortinet Secure Web Proxy (FortiProxy).
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Google Workspace.
Jan 2024 Taylor Walton
CoPilot
01/31
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cato Networks SDWAN.
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cisco Umbrella (Virtual Appliance).
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — McAfee Secure Web Gateway (SWG).
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — PioLink WEBFRONT-K (Web Application and API Protection).
Oct 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Oracle Cloud Infrastructure (OCI).
Oct 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Nozomi Networks (OT).
Oct 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — IronScales Email Security.
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cynet EndPoint Protection.
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Akamai Web Application Firewall (WAF).
Sept 2023 Juan J. Romero
SOCFortress integrations
Executable files analysis and capabilities detection using capa (Mandiant).
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Trellix Email Security (Cloud).
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Mimecast Email Security (Cloud).
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Controlled Unclassified Information (CUI) Security Controls.
Aug 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Duo Security.
Aug 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Cisco Secure EndPoint.
Aug 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — SentinelOne EndPoint Protection.
Aug 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — TrendMicro EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — McAfee EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — BitDefender EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — CrowdStrike EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — FortiGate BlockList, File Hashes.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — CloudFlare.
June 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Vulnerability Management using the Exploit Prediction Scoring System (EPSS).
May 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Kaspersky EndPoint Protection.
Apr 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Advanced Traffic Flow Analysis using Zeek.
FEBRUARY 2023 Taylor Walton
SOCFortress Stack Demo.
Enhancing Cybersecurity with Free Open Source Tools.
FEBRUARY 2023 Taylor Walton
Threat Intel.
Maximizing Threat Detection and Response with Cortex.
FEBRUARY 2023 Taylor Walton
SOCFortress.
Boost Your MSP to MSSP.
JANUARY 2023 Taylor Walton
SOCFortress.
Your Open-Source Incident Response Platform.
JANUARY 2023 Taylor Walton
SOCFortress.
Part 12. SIGMA rules for the OpenSource SIEM.
JANUARY 2023 Taylor Walton
SOCFortress.
Detect Malcious File Uploads With Wazuh and Yara.
JANUARY 2023 Taylor Walton
SOCFortress.
World’s Best FREE SIEM Stack Series Compilation.
JANUARY 2023 Taylor Walton
Threat Intel.
Part 11. Wazuh Events and MISP Automation.
DEC 2022 Taylor Walton
Threat Detection.
Detecting Abnormal Network Ports With Wazuh.
DEC 2022 Taylor Walton
Threat Intel.
Part 10. MISP Threat Intel.
DEC 2022 Taylor Walton
SOCFortress.
Part 9. Log Normalization.
NOV 2022 Taylor Walton
Threat Intel.
Part 8. Firewall Threat Intel With GreyNoise.
NOV 2022 Taylor Walton
SOCFortress.
Part 7. Firewall Log Collection Made Easy.
NOV 2022 Taylor Walton
SOCFortress.
Part 6. Best Open Source SIEM Dashboards.
NOV 2022 Taylor Walton
SOCFortress.
Part 5. Intelligent SIEM Logging.
OCT 2022 Taylor Walton
SOCFortress.
Part 4. Wazuh Agent Install —Endpoint Monitoring.
OCT 2022 Taylor Walton
SOCFortress.
Part 3. Wazuh Manager Install — Log Analysis.
OCT 2022 Taylor Walton
SOCFortress.
Part 2. Graylog Install — Log Ingestion.
OCT 2022 Taylor Walton
SOCFortress.
Part 1. Wazuh Indexer — SIEM Backend.
OCT 2022 Taylor Walton
SOCFortress.
Build Your Own SIEM Stack with Open Source Tools Series.
AUG 2022 Juan J. Romero
SOCFortress.
Wazuh SIEM Integrations (III) — Microsoft Defender for Endpoint.
AUG 2022 Taylor Walton
SOCFortress.
FREE Wazuh Advanced Wazuh Detection Rules.
AUG 2022 Taylor Walton
Adversary Emulations.
SOCFortress Attack Simulator.
JULY 2022 Juan J. Romero
Adversary Emulations.
Detecting APT29 With SOCFortress.
July 2022 Juan J. Romero
Wazuh SIEM Integrations.
Wazuh SIEM Integrations (II) — WithSecure Elements EPP.
July 2022 Juan J. Romero
Wazuh SIEM Integrations.
Wazuh SIEM Integrations (I) — Sophos Intercept X.
July 2022 Juan J. Romero
ZuoRAT Malware.
ZuoRAT — Wazuh Detection Rules.
June 2022 Juan J. Romero
Windows Registry Forensics.
Windows Registry Forensic Analysis using Chainsaw, Wazuh Agent and Sigma Rules.
June 2022 Juan J. Romero
CVE-2022–26134.
CVE-2022–26134 — Zero-Day Exploitation of Atlassian Confluence.
June 2022 Juan J. Romero
CVE-2022–30190.
Wazuh Detection Rules for MS RCE CVE-2022–30190, “Follina”.
May 2022 Juan J. Romero
Web App Firewalls.
Enforcing Security in Web App Firewalls using Wazuh Active Response.
May 2022 Juan J. Romero
Office 365.
OFFICE 365 — MITRE Enriched Events Using Wazuh Detection Rules.
May 2022 SOCFortress
Incident Response.
FREE Incident Response With Velociraptor.
May 2022 Juan J. Romero
Software Policy.
Monitoring Corporate Software Policies using Wazuh EDR and Sysmon.
May 2022 Juan J. Romero
Observability and Security Monitoring in Containers.
Performance metrics, Vulnerability Analysis and Security Events.
April 2022 Juan J. Romero
Data Exfiltration using ICMP (and how to detect it).
Exfiltration, as described in Mitre Tactic TA0010, consists of techniques adversaries may use to steal data from your network
April 2022 SOCFortress
Understanding Wazuh Decoders.
Build custom decoders to ingest any type of log.
April 2022 Juan J. Romero
CVE 2022–26809: MS-RPC VULNERABILITY.
Microsoft has fixed a new Windows RPC CVE-2022–26809 vulnerability that is raising concerns.
April 2022 SOCFortress
Endpoint Install and User Credentials.
Installing the SOCFortress endpoint and accessing the SOCFortress platform.
April 2022 SOCFortress
SOCFortress Platform.
Interacting With The SOCFortress Platform.
April 2022 SOCFortress
Easiest SIEM Install.
Wazuh, Elasticsearch, Kibana, and Filebeat Docker Install.
April 2022 Juan J. Romero
Adversary Simulations.
Adversary Emulations Using Mitre Caldera and Wazuh EDR, Part II: Discovery.
March 2022 Juan J. Romero
DNS Traffic Insights.
DNS Traffic Insights using Domain Stats and Wazuh EDR.
March 2022 Juan J. Romero
Sysinternals Part II.
Scanning and Analyzing Executable Files by their hash + VirusTotal.
March 2022 Juan J. Romero
Adversary Simulations.
Adversary Simulations Using Mitre Caldera and Wazuh EDR, Part I: Executing the Beacon Payload.
March 2022 Juan J. Romero
Sysinternals Part I.
Wazuh and Sysinternals Integration. Part I: Finding Persistent Footholds.
Feb 2022 Juan J. Romero
SIEM - OpenCTI Integration.
Wazuh manager integration with OpenCTI for Threat Intel.
Feb 2022 Juan J. Romero
Network Scans
How to run network scans integrated in your EDR agents.
Feb 2022 Juan J. Romero
Detect Cobalt Strike Beacons
How to detect Cobalt Strike Beacons, commonly used in Ransomware attacks.
Feb 2022 Juan J. Romero
Monitor your Wazuh Stack
How to gather system metrics and observability using Telegraf and InfluxDB.
Feb 2022 SOCFortress
Enriching Login Attempts with Wazuh and AbuseIPDB
Know when when a known aggressive IP has attempted to SSH into one of your servers.
Feb 2022 Juan J. Romero
The MITRE D3FEND Framework - Part I: HARDEN — PLATFORM HARDENING
Implementing and validating MITRE D3FEND Countermeasures using Wazuh EDR. Part I: HARDEN — PLATFORM HARDENING.
Feb 2022 Juan J. Romero
The MITRE D3FEND Framework - Introduction
This is the first in a series of blog entries covering the MITRE D3FEND Framerowk.
June 2024 Taylor Walton
Upgrading Wazuh to Version 4.8.0.
A Step-by-Step Guide.
June 2024 Taylor Walton
CoPilot
Integrating Duo MFA Authentication Logs with Your SIEM Stack Using Copilot.
June 2024 Juan J. Romero
SOCFortress integrations
Malicious macros detection in MS-Office files using “olevba”.
June 2024 Taylor Walton
CoPilot
Simplify Cloud Security: ScoutSuite and CoPilot.
June 2024 Taylor Walton
CoPilot
Analyzing Processes in Wazuh Alerts with Advanced Risk Scoring from Global Data Using CoPilot.
June 2024 Taylor Walton
CoPilot
How to Ingest Crowdstrike Events into an Open Source SIEM Stack Easily Using Copilot.
May 2024 Taylor Walton
CoPilot
Mastering Wazuh’s Active Response: Block Malicious IPs with CoPilot & Wazuh!.
May 2024 Taylor Walton
CoPilot
Supercharge Your SIEM Stack: Auto-Enrich Wazuh Events with SOCFortress Threat Intelligence.
May 2024 Taylor Walton
CoPilot
Wazuh Rule Writing With CoPilot AI Module.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Trend Micro Deep Security.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Ubiquiti Networks.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Carbon Black EPP.
April 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — CheckPoint Harmony.
March 2024 Taylor Walton
CoPilot
Wazuh Content Pack For Graylog — Easily Configure Your SOCFortress SIEM Stack
March 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cylance EndPoint Protection.
Feb 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Huntress Labs.
Feb 2024 Taylor Walton
CoPilot
CoPilot Install — Updated
Feb 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — ESET EndPoint Protection.
Feb 2024 Taylor Walton
Copilot
CoPilot — Your Next Open Source Security Tool.
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Fortinet Secure Web Proxy (FortiProxy).
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Google Workspace.
Jan 2024 Taylor Walton
CoPilot
01/31
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cato Networks SDWAN.
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cisco Umbrella (Virtual Appliance).
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — McAfee Secure Web Gateway (SWG).
Jan 2024 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — PioLink WEBFRONT-K (Web Application and API Protection).
Oct 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Oracle Cloud Infrastructure (OCI).
Oct 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Nozomi Networks (OT).
Oct 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — IronScales Email Security.
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Cynet EndPoint Protection.
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Akamai Web Application Firewall (WAF).
Sept 2023 Juan J. Romero
SOCFortress integrations
Executable files analysis and capabilities detection using capa (Mandiant).
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Trellix Email Security (Cloud).
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Mimecast Email Security (Cloud).
Sept 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Controlled Unclassified Information (CUI) Security Controls.
Aug 2023 Juan J. Romero
SOCFortress integrations
SOCFortress Integrations — Duo Security.
Aug 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Cisco Secure EndPoint.
Aug 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — SentinelOne EndPoint Protection.
Aug 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — TrendMicro EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — McAfee EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — BitDefender EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — CrowdStrike EndPoint Protection.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — FortiGate BlockList, File Hashes.
July 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — CloudFlare.
June 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Vulnerability Management using the Exploit Prediction Scoring System (EPSS).
May 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Kaspersky EndPoint Protection.
Apr 2023 Juan J. Romero
SOCFortress Integrations.
SOCFortress Integrations — Advanced Traffic Flow Analysis using Zeek.
FEBRUARY 2023 Taylor Walton
SOCFortress Stack Demo.
Enhancing Cybersecurity with Free Open Source Tools.
FEBRUARY 2023 Taylor Walton
Threat Intel.
Maximizing Threat Detection and Response with Cortex.
FEBRUARY 2023 Taylor Walton
SOCFortress.
Boost Your MSP to MSSP.