Wazuh

From EverybodyWiki Bios & Wiki


Wazuh
Developer(s): Wazuh Inc
Stable release: 4.1.5 / 22 April 2021
Operating system: Cross-platform
License: GNU GPL v2
Website: wazuh.com

    Wazuh is an open-source host-based intrusion detection system (HIDS) and Security Information and Event Management (SIEM) tool.

    Wazuh has a centralized, cross-platform architecture allowing multiple systems to be monitored and managed easily. It provides a security solution capable of monitoring infrastructures, detecting threats, intrusion attempts, system anomalies, poorly configured applications and unauthorized user actions. It also provides a framework for incident response and regulatory compliance.[1][2][3]

    Wazuh 4.0 was released on November 26, 2020.[4]

    History

    Wazuh was founded in 2015 by Santiago Basset as a fork of OSSEC.[5]

    It is headquartered in Silicon Valley, California, although it has a global presence, with a team of 100+ people distributed across the United States, Spain and Argentina.

    Software components

    Wazuh consists of three main components: the agent, the server, and the Elastic Stack.

    • The Wazuh lightweight agent is designed to perform a number of tasks with the objective of detecting threats and, when necessary, triggering automatic responses. It can run on many different platforms, including Windows, Linux, Mac OS X, AIX, Solaris and HP-UX. Agents can be configured and managed from the Wazuh server.
    • The Wazuh server is in charge of analyzing the data received from the agents, processing events through decoders and rules, and using threat intelligence to look for well-known IOCs (Indicators of Compromise). A single Wazuh server can analyze data from hundreds or thousands of agents, and can scale horizontally when set up in cluster mode.
    • Alerts generated by Wazuh are sent to Elasticsearch, where they are indexed and stored. The Wazuh Kibana plugin provides a powerful user interface for data visualization and analysis, which can also be used to manage and monitor the configuration and status of the agents.

    References

    1. "Best Host-Based Intrusion Detection Systems (HIDS) Tools & Software!". PC & Network Downloads - PCWDLD.com. 2020-01-06.
    2. "Improve Security Analytics with the Elastic Stack, Wazuh, and IDS". Elastic Blog. 2018-10-23. Retrieved 2021-05-13.
    3. "Wazuh – Open Source Host and Endpoint Security | Cybersafe News". 2017-12-20. Retrieved 2021-05-20.
    4. Son, Do (2019-07-31). "wazuh v4.2 RC5 releases: Host and endpoint security • Penetration Testing". Penetration Testing. Retrieved 2021-05-20.
    5. "OSSEC Wazuh, un monitor de seguridad para redes de ordenadores". RedesZone (in Spanish). 2016-08-26. Retrieved 2021-05-13.


    This article "Wazuh" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Wazuh. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.