Guilgo Blog

Notes from my daily work with technology.

Prioritize critical patches in WSUS when Wazuh detects CVEs

From Vulnerability Detector alerts to controlled deployment on Windows

Practical workflow to approve and deploy only critical updates in WSUS when Wazuh alerts on vulnerabilities, with pilot groups and prioritization criteria.

Monitoring Active Directory and Office365 with Wazuh: custom rules and critical events

How to deploy Wazuh as a SIEM/XDR to meet cybersecurity requirements, detecting account lockouts, authentication failures and key events on Windows and Office365.

How to deploy Wazuh to monitor Active Directory and Office365 with custom rules in local_rules.xml, critical EventIDs and centralized Kibana dashboards.