Intelmatics
Vol. 4 No. 1 (2024): January-June

Implementation of Security Information & Event Management (SIEM) Wazuh with Active Response and Telegram Notification for Mitigating Brute Force Attacks on The GT-I2TI USAKTI Information System

Farrel, Farhan Ibnu Farrel
Is Mardianto, S.Si, M.Kom
Ir. Adrian Sjamsul Qamar, MTI

Article Info

Publish Date
01 Feb 2024

Abstract

In an era of widespread information system usage across various sectors, digital threats to organizations have become increasingly significant. These threats have the potential to disrupt operations and result in substantial financial losses. One enduring threat is the brute force attack, which exploits the human tendency to use easily remembered passwords. Using the Security Lifecycle Methodology, this research aims to identify an efficient and cost-effective solution that enhances information system security and continuously evaluates the implemented solution, rather than stopping right after the policy or solution is put in place. The study proposes the use of the open-source Security Information and Event Management (SIEM) platform Wazuh. When combined with the Active Response feature, this platform not only detects security threats but also automatically takes mitigating action against detected attacks. Additionally, integration with the Telegram messaging application streamlines SIEM monitoring, making it more practical and efficient. After implementation, the testing phase confirms the effectiveness of the solution: the Wazuh SIEM detected 100% of the brute force test scenarios in multi-protocol attacks, with an average detection time of 80.51 seconds for attacks with a 1-second interval between attempts, 172.18 seconds for a 10-second attack interval, and 434.58 seconds for a 30-second attack interval. Active Response mitigated 100% of the detected brute force attacks, with only 0.51 seconds between detection and the mitigation action being taken. The implemented Telegram integration successfully sent all notifications on time to the Telegram chat via the Telegram API.

Copyrights © 2024

Journal Info

Abbrev

intelmatics

Subject

Computer Science & IT

Description

The IntelMatics Journal is a scientific journal published by the department of informatics engineering at Trisakti University. The purpose and objective of the publication of the IntelMatics journal are as a means of dissemination of international standard science in the field of software ...