Wazuh

What is it?

Wazuh is a security operations tool

Wazuh - Open Source XDR. Open Source SIEM.

How do we use it?

We use wazuh for many things:

• Tracking vulnerable packages

  • Wazuh Vulnerability Detection

• Collecting and analysing logs

  • Wazuh Log Collection and Analysis

• Looking for misconfigurations and breaches of compliance

  • Wazuh Configuration Assessment

• Looking for indicators of compromise

  • Wazuh File Integrity Monitoring

• Addressing vulnerabilities and incidents

  • Wazuh Auto Remediation

How might it affect you?

You will see the wazuh-agent service running on your instances

The agent may make various changes to your instances to either enforce compliance or address possible compromises

Do you need to do anything?

We will contact you about any issues found and advise you of remediations.