search

wazuh / wazuh-documentation

Wazuh - Project documentation
https://wazuh.com
195 stars 347 forks source link

Documentation for hardening Wazuh manager server #3518

Open maumrsms opened 3 years ago

maumrsms commented 3 years ago

Hello team! It would be very useful to have a document or guide that explains how to properly harden the Wazuh Manager server (also Elastic stack servers if possible too). At least a detail of the things we need to have in mind when using third-party hardening methods. Don't hesitate to reach out to me if needed!

therealak12 commented 3 years ago

Hi. Any update on this?

ptrsimon commented 3 years ago

Hi, it would also be useful to highlight the dangers of allowing remote commands on agents in this hardening guide, possibly also in other places of the docs. I'm also glad to help with this.

gmcyber commented 1 year ago

So, to hop in here. I'm teaching a class in enterprise security controls this semester and we are using wazuh as our logging platform. I'm considering working with my students to make a hardening guide as one of the projects. I'm relatively new to wazuh but have noticed the same issue that @ptrsimon pointed out. I have a very brief discussion of it here: https://greenmountaincyber.com/blog/feature-or-vulnerability

If such a guide already exists, please point me to it. If not, I'm glad to facilitate tag teaming a draft guide with collaboration from those interested.

ClementCastel commented 1 year ago

So, to hop in here. I'm teaching a class in enterprise security controls this semester and we are using wazuh as our logging platform. I'm considering working with my students to make a hardening guide as one of the projects. I'm relatively new to wazuh but have noticed the same issue that @ptrsimon pointed out. I have a very brief discussion of it here: https://greenmountaincyber.com/blog/feature-or-vulnerability

If such a guide already exists, please point me to it. If not, I'm glad to facilitate tag teaming a draft guide with collaboration from those interested.

Hello @gmcyber , I am a student and would be very interested to learn more about the course you are giving. How can I contact you to discuss about it if you have time ? Also, did you have time to work on a hardening guide, I am also interested on this.

Thank you for your time, Best regards, Clément

PUDPUD commented 1 year ago

any update?