Introducing Wazuh LLM: Fine-Tuned Llama 3.1 for Security Event Analysis

 Posted on October 2, 2025  (Last modified on October 3, 2025)  |  9 minutes  |  1916 words  |  pyToshka  • Other languages: Русский

Introducing Wazuh LLM: Why Specialized Security Analysis Matters

In the cybersecurity world, SOC specialists deal with massive streams of security events daily. Analyzing each alert requires deep knowledge, experience, and time. That’s why I created a specialized language model to assist security analysts in their day-to-day operations.

[Read More]
devsecops  wazuh  security  research  devops  llm  ollama  machine learning  cybersecurity  automation  monitoring  incident response  threat intelligence  security operations  log analysis  ai  fine-tuning  MITRE ATT&CK 

Building ML-Powered Threat Intelligence with Honeypot Datasets on Hugging Face

 Posted on September 24, 2025  (Last modified on October 2, 2025)  |  10 minutes  |  2050 words  |  pyToshka  • Other languages: Русский

Introduction

Picture this: you’re staring at security logs with thousands of events streaming in daily. Which ones are actually dangerous? Which can you safely ignore? Traditional signature-based detection is like playing whack-a-mole with cybercriminals — they’ve gotten really good at dodging known signatures faster than we can create them.

[Read More]
machine learning  cybersecurity  honeypot  threat intelligence  datasets  hugging face  anomaly detection  network security  attack classification  security analytics  devsecops  feature engineering  threat hunting 

Enhancing Wazuh with Ollama: Boosting Cybersecurity (Part 4)

 Posted on March 1, 2025  (Last modified on October 2, 2025)  |  7 minutes  |  1344 words  |  pyToshka  • Other languages: Русский

Continuing the Series: Integrating a Wazuh Cluster with Ollama — Part 4. Configuration and Implementation

Series Navigation:

[Read More]
devsecops  wazuh  security  research  devops  llm  ollama  machine learning  cybersecurity  automation  monitoring  incident response  threat intelligence  security operations  log analysis  ai 

Enhancing Wazuh with Ollama: Boosting Cybersecurity (Part 3)

 Posted on February 27, 2025  (Last modified on October 2, 2025)  |  4 minutes  |  849 words  |  pyToshka  • Other languages: Русский

Wazuh and Ollama: Part 3. Creating Integration Between Your Wazuh Cluster and Ollama

Series Navigation:

[Read More]
devsecops  wazuh  security  research  devops  llm  ollama  machine learning  cybersecurity  automation  monitoring  incident response  threat intelligence  security operations  log analysis  ai 

Enhancing Wazuh with Ollama: Boosting Cybersecurity (Part 2)

 Posted on February 26, 2025  (Last modified on October 2, 2025)  |  4 minutes  |  640 words  |  pyToshka  • Other languages: Русский

Wazuh and Ollama: Part 2. Deploying the Wazuh Cluster

Series Navigation:

[Read More]
devsecops  wazuh  security  research  devops  llm  ollama  machine learning  cybersecurity  automation  monitoring  incident response  threat intelligence  security operations  log analysis  ai 

Enhancing Wazuh with Ollama: A Cybersecurity Boost (Part 1)

 Posted on February 24, 2025  (Last modified on October 2, 2025)  |  3 minutes  |  570 words  |  pyToshka  • Other languages: Русский

Introduction

Welcome to the first part of our guide on enhancing Wazuh with Ollama!

[Read More]
devsecops  wazuh  security  research  devops  llm  ollama  machine learning  cybersecurity  automation  monitoring  incident response  threat intelligence  security operations  log analysis  ai 

Mitigation Anomaly Revelation Keeper(MARK)

 Posted on December 4, 2024  (Last modified on October 2, 2025)  |  2 minutes  |  226 words  |  pyToshka  • Other languages: Русский

Overview

Mitigation Anomaly Revelation Keeper (MARK) is an advanced security platform designed to proactively defend against cyber threats by leveraging cutting-edge IP reputation analysis and machine learning. With a focus on identifying and neutralizing malicious actors, MARK offers unparalleled insight into attacker behavior and statistical trends to fortify your organization’s defenses.

[Read More]
devsecops  security  research  devops  ip reputation  malware analysis  incident response  threat intelligence  machine learning  automation  soc tools 

Honeypot cluster for security research

 Posted on November 5, 2024  (Last modified on October 2, 2025)  |  2 minutes  |  328 words  |  pyToshka  • Other languages: Русский

Introduction

To dive into attack research and build a database of potential attackers, I thought it’d be a great idea to set up my own infrastructure for analyzing security events.

[Read More]
devsecops  honeypot  security  research  devops  kubernetes  proxmox  virtualization  threat intelligence  security infrastructure