From the course: Complete Guide to Open Source Security
Join today to access over 24,800 courses taught by industry experts.
Activating vulnerability scanning
From the course: Complete Guide to Open Source Security
Activating vulnerability scanning
- [Instructor] Vulnerability scanning isn't enabled by default in Wazuh. And if we select an agent, app01, and have a look, we can see there's no results and no scans have been run. Let's activate the targets we want scanned. We can do this in the vulnerability detector portion of the main configuration. Sudo nano/var/ossec/etc/ossec.conf. And if we go down to the vulnerability scanning section, the vulnerability detector is currently not enabled, so we'll enable that and we'll enable scanning on Ubuntu and Debian Systems. Oh, Windows is already enabled. Okay, we'll now sudo systemctl restart wazuh-manager. Back in the portal, we'll refresh and we find there's no change. Wazuh is currently downloading the vulnerability definitions and once complete, we'll run a scan. Okay, we're back now and Wazuh has completed its update and run its first scan. We can see on app01 that we have plenty of vulnerabilities to check. If we click on the 23 critical vulnerabilities, the list at the bottom…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
-
(Locked)
Installing the Wazuh SIEM5m 24s
-
(Locked)
Installing a Wazuh Linux agent3m 20s
-
(Locked)
Installing a Wazuh Windows agent1m 32s
-
(Locked)
Collecting Nginx logs in Wazuh5m 20s
-
(Locked)
Monitoring an attack with Wazuh4m 48s
-
(Locked)
Detecting web shells with Wazuh7m 42s
-
(Locked)
Activating vulnerability scanning3m 45s
-
(Locked)
-
-
-
-
-
-
-