A follow-up to my Wazuh threat intelligence pipeline: replacing the local OpenCTI producer script with a Django/Celery service, Wazuh CDB exports, and retro-hunting against historical alerts.
24 June, 2026 00:00 CEST