Wazuh and Sysinternals Integration. Part I — Finding Persistent Footholds


Sysinternals — Autoruns

Sysinternals and Virus Total.

Integrating Autoruns and Wazuh Agent.

SOCFortress — Persistent Foothold Reports.

Autoruns — Signatures found in Virus Total
Signatures by Software Vendor and Category
Autoruns — Events Details.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

SOCFortress is a SaaS company that unifies Observability, Security Monitoring, Threat Intelligence and Security Orchestration, Automation, and Response (SOAR).