Initial commit - 611 cybersecurity skills across all subdomains

This commit is contained in:
mukul975
2026-02-25 10:47:44 +01:00
commit 22a7ab1462
1765 changed files with 280648 additions and 0 deletions
@@ -0,0 +1,47 @@
# Workflows - Configuring Host-Based Intrusion Detection
## Workflow 1: Wazuh HIDS Deployment
```
[Deploy Wazuh Manager]
[Configure FIM, rootcheck, and log analysis modules]
[Deploy agents to pilot endpoints]
[Establish baseline (48 hours)]
[Tune rules: suppress false positives, add exclusions]
[Deploy agents to production fleet]
[Integrate with SIEM]
[Create dashboards and alert workflows]
```
## Workflow 2: FIM Alert Investigation
```
[FIM alert: File modified]
[Check file path and change details]
├── Known system update ──► [Correlate with patch window, close alert]
├── Authorized config change ──► [Verify change ticket, close alert]
└── Unauthorized change ──► [Investigate]
├── Determine who/what changed the file
├── Review process tree and timeline
├── Malicious ──► [Escalate to IR]
└── Operational ──► [Update change process]
```