Wazuh SIEM & XDR: 5 – Active Response and Automated Defense

Video Content

00:00 – Introduction to Active Response in Wazuh
00:36 – Windows Brute Force Attack and Auto Blocking
05:51 – Linux SSH Brute Force with Timed Blocking
10:42 – BlackSuit Ransomware Behavior Detection
15:14 – Malware Detection and Automatic Removal
18:21 – USB Device Detection on Windows and Linux
27:59 – Summary and Closing

Video Description

In this video, we explore Active Response in Wazuh and demonstrate how it enables automated, real-time security actions instead of just alerting.

The video includes three hands-on demos using real systems and real attack activity:

Automatically detecting and blocking brute-force attacks on Windows and Linux
Detecting BlackSuit ransomware behavior using activity-based detection and responding to confirmed malware
Identifying authorized and unauthorized USB devices across Windows and Linux environments

Throughout the demos, we show how Wazuh correlates events, executes active response scripts, and enforces security controls automatically to reduce response time and analyst workload.
