Please make more videos with Wazuh!! I love these security videos.
@christianlempa 1 month ago
Good idea! Let's see what I can do with it ;)
@loop-0-2 1 month ago
A small contribution to make more non-advertised videos about security possible
@christianlempa 1 month ago
Wow, thank you so much 😊 🤝
@jacksoncremean1664 1 month ago
On the topic of ClamAV's subpar detection, using ClamAV with fangfrisch is a must. It adds a bunch of 3rd party signatures to ClamAV that make it comparable to commercial Antivirus solutions.
@RobertLaneTech 1 month ago
I was just setting up a Nextcloud instance with ClamAV, this will be super handy. I always thought ClamAV was a bit weak, but I've always figured better than nothing.
@christianlempa 1 month ago
Thanks for the feedback @jacksoncremean1664, that's already on my list to review for next year :D But it seems there's a bigger challenge to using it in Docker, so I'll have to look at this.
@RandomUserName92840 27 days ago
Any projects looking to do this as a unified package with an easy installer (maybe flatpak) now that ClamGTK is no more?
@mikigurevich4477 1 month ago
I've been labbing for years and only recently started applying my 20 years' experience (Sr. DevSecOps Engineering) to building my lab into the division of production (DMZ) and RnD (dev+test). This video was truly helpful to understand that FOSS can be used fully to protect my start-up-business-idea-in-home-lab equipment! Thank you for your videos and work you put in to making them; keep it up!
@danielrauer5864 1 month ago
You have not understood in 20 years of professional experience what advantages FOSS brings with it? I am not an evangelist for FOSS, but in my 20 years of professional experience >90% of OSes, tools, and platforms were and are FOSS :)
@sanyika96 1 month ago
If you're only now figuring this out after 20 years then please resign and never go back to work.
@christianlempa 1 month ago
Don't be rude guys, everyone has to start somewhere, even experienced IT guys are beginners in fields they never touched on, don't forget that! ;) @mikigurevich4477 thank you so much for the kind words! I'm glad the videos helped you
@EduardoRodriguez-fu4ry 1 month ago
Another informative video. Keep it up Christian!
@christianlempa 1 month ago
Thank you so much!! :)
@diegoarmendariz1259 28 days ago
Thanks for making these kinds of videos, as a cybersecurity student it helps me a lot!
@christianlempa 28 days ago
Great to hear!
@marceloantunes1193 24 days ago
Thank you!
@christianlempa 24 days ago
Thank you so much for your support ❤️
@GrishTech 1 month ago
Wazuh is actually really good. I would take sponsored videos that are good content.
@christianlempa 1 month ago
Thanks! :)
1 month ago
What's the point when ClamAV misses about 80% of viruses compared to others?
@jacksoncremean1664 1 month ago
Use fangfrisch with ClamAV for better detection.
@christianlempa 1 month ago
The point is to learn about the technology, how AV engines work and how to connect it to a SIEM
@alecfagan9753 25 days ago
Compared to..? Paid solutions I assume?
@gerardocaceres7997 1 month ago
Thanks for sharing! Would like to see more of this!!
@christianlempa 28 days ago
Thank you :)
@henryvanho7971 25 days ago
Thanks Christian for sharing about ClamAV. After setting up ClamAV, I believe it is a bit lacking to demo a malware logging solution. ClamAV's logging format is not normal; there is no standardized format, which makes ingesting it into any SIEM platform difficult. Installation of ClamAV is also a pain to set up. There are over 8 libraries I had to set up on Red Hat. After getting ClamAV and ClamDaemon installed and configured, you’ll need to schedule a cron to run scans. The ClamAV daemon doesn’t monitor files automatically. Verbose logging is also lagging. ClamAV cannot send logs via remote syslog server.
@christianlempa 25 days ago
That's why you have to pay for a security platform if you want that to work out-of-the-box. With free and open-source tools you sometimes have to fiddle around ;)
@joshuaboley4135 1 month ago
Great video! I was already aware of clamav but had never taken it further than the command line. You’ve definitely piqued my interest in Wazuh; I’m curious to see what else we could do with it.
@christianlempa 1 month ago
Awesome! Thank you so much for the feedback :)
@RandomUserName92840 10 days ago
Wazuh provides a pre-built virtual machine image in Open Virtual Appliance (OVA) format. It uses Amazon Linux 2 as the OS. It is my understanding that AL2 is basically forked Red Hat, but I still feel uneasy running an Amazon rolled OS. How crazy is this? Any thoughts?
@GdncHfjbdkf 1 month ago
Has there been a mitigation on cups yet?
@0zzy0zwood 26 days ago
@christianlempa do you have anywhere the config files in a repo or something? Also my question is, is it possible to use clamav on a dedicated container/LXC/VM to scan a few systems or an entire dedicated network? Looking for such a solution for my Homelab.
@christianlempa 24 days ago
Sure: github.com/ChristianLempa/boilerplates. I'm still looking into clamav and containers, I think that's where I need more time researching it
@consecratedtech 29 days ago
Didn't ClamAV have some big issue last year? Are they better now? Never heard anything after that report about them fixing anything
@ankashk 4 days ago
Does anyone know about Falco Security? It seems good though, and it's Docker-based.
@-martintheengineer-7465 1 month ago
Hello Christian. It would be wonderful to get a solution for Spam/AV scanning on WINDOWS 11. I mean, I have Outlook 2019 running on an IMAP mail gate of my DNS provider and I get SPAM that's not normal. How can I avoid this? Best regards Martin
@canadianwildlifeservice8883 29 days ago
Too bad Avira stopped offering AV for Linux. If anything, just use TLS / HTTPS decrypt and scan using Avira through the Sophos Firewall
@---tr9qg 1 month ago
It was 🔥🔥🔥.
@christianlempa 28 days ago
Thx! :)
@Bob-of-Zoid 17 days ago
First time I ever watched this channel, but I will bite myself in the butt (or try my best to) if Christian isn't German! Well a good indicator he's more likely to know what he is talking about than not. On the topic of ClamAV: I think it's great 🤫 but also still scares me for being so used to Popups, with update notifications, virus and malware warnings, only to tell you you may have a virus, get it wrong often, and has warnings for things it does a poor job at removing without breaking all sorts, or not removing anything at all, even when up to date... and to really do what they say they can do turns out to be mostly just give you a clue, pretending it's doing you a favor, and you end up having to do the most of the removal manually or risk it taking out stuff, and justifying its price by how well it prevents intrusion while annoying you more than anything else! I have had them from DOS, and all flavors of Windows, home, media pro NT's and all, up to 7 before I nuked Windows, ditched everything Microsoft, even busted up all install media to have no fallback to pull me away from getting with the Linux program, and forced myself through Linux boot camp! Freakin' best computing decision I ever made! The scary part is that I never had even the slightest sign of a virus, nor any other malware, nor even the slightest peep ever from it, which is troubling, because it feels like it's not running at all, and could at least tell me like 4 times a year "Hey I'm still here doing my thing, everything is A-OK, so nothing to worry about, see you in three months"! I don't even know if it has ever found an intrusion, or so good at eliminating them there's no need to bother me with it!?!?!?🧐🤔
@loop-0-2 1 month ago
It’s a shame this whole video is an ad. I’d love to watch an unsponsored video on how to secure my servers
@ghangj 1 month ago
?
@christianlempa 1 month ago
Sponsorships help me to get compensated for the countless hours of researching, planning and producing content that is free to watch for everybody. Without placements, it wouldn't be possible to make all these tutorials.
@loop-0-2 1 month ago
@@christianlempa Of course! That doesn’t change the fact that for the viewer, it’s hard to determine which things from this video you actually agree with, and which you’re paid to say. The word ‘advertisement’ on the screen isn’t very obvious, so I thought it good to point this out in the comments. If people want to watch an advertisement, that’s fine with me, but they should know about it.
@christianlempa 1 month ago
@@loop-0-2 I never say anything just because I'm paid to do. That's why you never see any advertisement for shady Temu products, or any crappy Homelab gear because I decline these deals. All of it is authentic, but I'm getting paid to make videos about specific topics and tools like Wazuh in this case, but they didn't tell me what exactly I should cover or say.
@loop-0-2 1 month ago
@@christianlempa that’s great to hear, keep up the amazing work, thank you!
@santiago.bassett 18 days ago
👏👏👏
@LexUsamn 1 month ago
Is it possible to use this one in Proxmox?
@christianlempa 28 days ago
I haven't tried it yet, but I think you can install the wazuh agent and clamav on proxmox as well