Articles
This is a shell script I created based on Wazuh’s official Central Components Upgrade Guide to simplify the upgrade process.
This solution provides a fast, structured, and repeatable way to configure file integrity monitoring across multiple Wazuh agents.
In this scenario, I demonstrate my approach for alerting on suspicious emails received in the Office 365 email ecosystem using Wazuh. The alerting logic is based on SPF/DKIM/DMARC DNS records configured on the sender’s domain.
This write-up summarizes the purpose of the lab and the scope of the implementation. “A SIEM (Security Information and Event Management) is a cybersecurity solution that centrally collects, analyzes, and evaluates security logs and events originating from networks and systems” (Google Gemini). Problem definition: My experience in the field is manual deployment of Wazuh, and […]
Info: The code and process described here may change as the lab deployment evolves. Always check for the latest updates in the repository before proceeding. Introduction: The iac (Infrastructure as Code) directory in my blocks-lab GitHub repository provides an easy way to create a basic Ubuntu server on AWS. This setup is ideal for beginners […]