Maximizing Backup Security: Veeam-Wazuh Integration Syslog I previously wrote a blog post on custom Integration for Wazuh & Veeam. This allowed any rules that were triggered or matched in Wazuh from multiple sources , to initiate a call to Veeam via the incident API this would initiate a Quick backup to preserve data in a on-going attack & would flag any existing backup images within the time frame as Infected or containing malicious code. Link here : http://www.mritsurgeon.co.za/2024/01/orchestrating-cybersecurity-resilience.html In this post here i take it a little bit further and we look at integrating Veeam events via Syslog into Wazuh. In Veeam V12.1 Veeam added syslog integration for SIEM , so that Security professionals or anyone monitoring a SOC can see events around the backup infrastructure. Why is this important: Malicious actors generally target backup infrastructure to ensure organizations have no ability to recover post the rest of their exploit / ki
All About Tech , My views and Opinions are my own. We continuously learn and blogging is a community. Comment , Like , Share , Collaborate