Complete Wazuh Course! From Basic To Advanced V2025

Learn the best open source SIEM/XDR system! Learn about Threat Hunting, Malware Detection, Vulnerability Detector.

What you'll learn

Learn effective cybersecurity in practice!

Use Wazuh to protect and monitor your entire network!

Install Wazuh Server and Agents on Linux and Windows systems

Perform Malware Detection

Integrating Sysmon to Detect Fileless Malware

Collecting logs from your Antivirus

Requirements

Must have basic knowledge of Linux, such as editing files/directories and updating and installing programs

Description

Learn effective cybersecurity in practice!In this course, we will study everything about the best open source SIEM and XDR system in the world, Wazuh!This course is complete and updated for 2025!Wazuh is a free and open source defensive cybersecurity platform that unifies XDR and SIEM capabilities.It protects workloads in on-premises, virtualized, containerized, and cloud-based environments.What is SIEM?SIEM stands for Security Information and Event Management.It is a software model that combines security information management (SIM) and security event management (SEM) to help organizations detect, analyze, and respond to security threats.And what is XDR?XDR (Extended Detection and Response) uses AI and machine learning to automatically detect, respond, and mitigate cyberattacks. Machine learning creates profiles of suspicious behavior, which are flagged for analysis by analysts.XDR collects and correlates data from multiple layers of security, such as endpoints, network, cloud, email, identity, access management, and more.What will we learn in this course?* Log analysis* Intrusion detection* Real-time alerts* Integrations* Incident response* Cloud monitoring* Learning about MITRE ATT&CK* Follow good security practices* Use of Artificial Intelligence (AI)* Regulatory compliance* Cluster with Wazuh Servers* Creating Dashboards in Grafana* Wazuh Monitoring by Zabbix* Docker Monitoring* and much more!

Overview

Section 1: Introduction

Lecture 1 Introduction to the Wazuh course

Lecture 2 Architecture

Section 2: Environment Preparation

Lecture 3 Installing VirtualBox

Lecture 4 Installing Rocky Linux 9

Lecture 5 Using SSH via PowerShell on Windows

Section 3: Installing and customizing Wazuh

Lecture 6 Assisted installation of Wazuh Server

Lecture 7 Quick installation with OVA

Lecture 8 Agent Installations on Windows

Lecture 9 Agent Installations on Linux

Lecture 10 Considerations before upgrading

Lecture 11 Upgrading the Wazuh Server

Lecture 12 Upgrading Wazuh Agent

Lecture 13 Centralized agent configuration by groups

Section 4: Cluster with Wazuh Servers

Lecture 14 Presentation of the HA scenario

Lecture 15 Installing Wazuh Indexer

Lecture 16 Installing Wazuh Manager

Lecture 17 Installing Wazuh Worker

Lecture 18 Dashboard Installation

Lecture 19 HAProxy for load balancing in Wazuh

Section 5: Malware Detection

Lecture 20 Introduction to the section - Malware

Lecture 21 Collecting Windows Defender logs

Lecture 22 FIM in Windows

Lecture 23 FIM who-data configuration

Lecture 24 Optional Settings

Lecture 25 Windows Registry

Lecture 26 Working with CDB lists

Lecture 27 VirusTotal Integration

Professionals working in the security field,Technology students in general