Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings.
The Wazuh system comprises an endpoint security agent installed on monitored systems and a management server that processes and analyzes the data collected by these agents. It also integrates with the Elastic Stack, which provides search and data visualization so users can explore their security notifications.
Wazuh capabilities:
- Intrusion detection
- Log data analysis
- File integrity monitoring
- Vulnerability detection
- Configuration assessment
- Incident response
- Regulatory compliance
- Cloud security
- Container security
The platform is available on GitHub.