Research field: Safety
Conference: 2024 8th International Conference on Inventive Systems and Control (ICISC)
The major purpose of this research project is to study the potential of merging Osquery with Wazuh while simultaneously boosting system and security monitoring. Osquery is an operating system instrumentation framework, while Wazuh is a platform for security information and event management (SIEM). When coupled, they offer a full solution for real-time threat identification, network activity monitoring, and anomaly detection. The setup, configuration, rule development, and active response of Osquery and Wazuh make up the bulk of the study. The study also reveals how these two technologies may work together to boost cybersecurity defenses. A framework for establishing customized anomaly detection criteria and proactive response tactics is also offered in this research study, illustrating the practical applicability of this integrated approach to IT system safety. The results section highlights how rapidly Osquery and Wazuh work together to discover and fix security vulnerabilities. The operation and performance of the proposed system are also explored in this study. The conclusion presents a summary of the study’s most important results and proposes potential options for future research that may be undertaken to enhance Osquery and Wazuh’s capabilities to secure digital assets.
| Publication year | 2024 |
|---|---|
| Citations | 1 |
| Country of publication | Andorra |
| Site | IEEE |