<![CDATA[Tangerang City has the most applications in Indonesia, with 222 applications. All of these applications are supported by more than 100 servers located in the data center of the Tangerang City Communication and Information Agency. The large number of servers and applications that are managed brings up new problems in the midst of increasing complex cyber threats, especially in government data centers. One of them is how to monitor and respond quickly when there is an attack on the existing system. The implementation of a cyber security system based on Wazuh, Shuffle, and YARA is able to monitor threats in realtime and automate responses against attacks. Wazuh acts as a log-based monitoring and detection platform and behavior analysis, Shuffle is used to automate incident response through integrated workflow, and YARA is applied for signature-based malware identification. The PPDIOO (Prepare, Plan, Design, Implement, Operate, Optimize) method used in this research is used as a framework in designing and evaluating the system. From the research conducted, it is expected that Wazuh successfully monitors anomalies that occur on the server which will then be forwarded to Shuffle to automate the next steps to be taken. YARA integrated with Wazuh also successfully detects and quarantines malicious files that enter the server automatically based on the available signature list.]]>
Copyrights © 2025
