Security Notes

Welcome to my thoughts notebook! Here, I share my notes on cyber security topics. I hope you find the information helpful and engaging. If you have any questions or suggestions, feel free to reach out!

Building Audit Trails for Zoho Mail: Real-Time Admin Monitoring with Wazuh

A guide to integrating Zoho Mail administrative audit logs with Wazuh SIEM using Logstash, creating custom decoders and detection rules, and mapping events to ISO 27001 compliance controls.

Integrating Keeper Security Event Logs with Wazuh SIEM

A guide to forwarding Keeper enterprise suite audit logs to Wazuh for centralized security monitoring, creating custom decoders to parse authentication, vault access, and privileged session events, and building detection rules for suspicious activity.

Managed privileged access: implementing a KeeperPAM POC

From deployment to first connection: A step-by-step proof of concept showing how KeeperPAM delivers agentless privileged access management with just-in-time identity creation and secure session recording.

Monitoring MikroTik RouterOS with Wazuh

A walk-through of configuring MikroTik RouterOS to send its logs to a Wazuh server, then creating custom decoders and rules to make sense of that data and raise alerts that security teams can act on.