Affiliation:
1. Management and Science University, Malaysia
Abstract
As the first line of defence against cyberattacks, a security operations center (SOC) requires an effective system that can identify threats quickly and accurately. Wazuh, an open-source security platform offering log management, intrusion detection, and threat intelligence, is a strong candidate for improving SOC operations. This study examines Wazuh's role in enhancing real-time threat analysis by exploring approaches and best practices for integrating it into an existing SOC architecture, and assesses how that integration improves threat identification, incident response times, and the overall security posture of the SOC environment. This chapter presents in-depth research on integrating Wazuh for real-time threat analysis and vulnerability assessment in a SOC setting, and offers practical recommendations for organisations looking to use Wazuh to strengthen their SOC defences and, ultimately, their cybersecurity posture against evolving threats.