Wazuh SIEM & XDR: 1- Introduction and AD Attack Detection Demo Brute Force, Kerberoasting and DCSync

Описание: This is Episode 1 of a series focused on the Wazuh Security Platform.

Content Of This Video
0:00 - Intro
1:33 - What is Wazuh?
2:29 - Wazuh Key Features
6:15 - Wazuh Core Components
7:37 - Wazuh Platform Architecture
10:28 - Wazuh Deployment Options
11:31 - Wazuh Integrations and Automations
12:41 - Wazuh Support Communities
13:19 - Demo Lab Env Overview
18:30 - AD Brute Force Attack Detection Demo
21:46 - AD Kerberoasting Attack Detection Demo
28:23 - AD DCSync Attack Detection Demo
37:17 - Discover Page
-------------------------------------------------------------------------------
In this video, we introduce Wazuh, explain its architecture and core capabilities, and then move into a hands-on demo focused on Active Directory security monitoring. Using a lab environment, we demonstrate how Wazuh detects common AD attack techniques, including brute force, Kerberoasting, and DCSync.

The focus is on understanding what Active Directory logs, how these attacks appear in logs, and how Wazuh detects and correlates this activity, with references to MITRE ATT&CK where applicable.

#Wazuh, #Wazuh SIEM, #SIEM, #Active Directory Security, #AD Security, #SOC, #Cybersecurity, #MITRE ATT&CK, #Brute Force, #Kerberoasting, #DCSync, #Threat Detection