Install MozDef on ubuntu

Opensource siem has its own place in the SOC world. Even commercial siem uses Opensource components like elasticsearch, kibana, and logstash. Some of the popular opensource SIEM include OSSIM, The ELK stack, OSSEC, Wazuh, Apache Metron and MozDef by Mozilla. The reason behind writing this post is to help with the installation process of MozDef. … Read more

Getting OSSEC Server Logs into ELK stack

Monitoring logs is an important part of active defense. With that being said OSSEC is an industry-standard for HIDS, as being used by many popular commercial tools like Alienvault OSSIM and USM. Searching through the internet you will find official OSSEC web interface. But it cannot be of much use if you are looking forward … Read more