This training focuses on the practical implementation of a SIEM system using the Wazuh platform. Participants are guided step-by-step through the installation, configuration, and launch of the environment, both on-premises and in the cloud.
The training covers connecting endpoints (servers, workstations) and integrating various log sources. Participants learn how to create correlation rules that detect threats and anomalies in the IT infrastructure. Special emphasis is placed on practical application, including creating custom decoders and rules for systems not natively supported by Wazuh.
Additionally, the training covers integration with popular cloud services such as Microsoft 365 and Google Workspace, which allows for centralized monitoring and increased event visibility across the organization.
Working with the Wazuh platform is a key part of the training. Participants will learn its basic features, integration methods, and security event analysis capabilities.
Finally, practical incident detection scenarios are discussed, demonstrating how to leverage SIEM to increase visibility and security within an organization.
System and network administrators, SOC analysts and security specialists, DevOps/SecOps engineers, SIEM implementation and maintenance professionals, and IT professionals who want to gain practical skills in working with Wazuh.
Live and in-person