Hi everyone,
the team is pleased to announce the release of Wazuh 3.10.0. This new version comes with lots of additions and improvements. Here are some highlights of the new Wazuh release:
HIPAA and NIST 800-53 compliance support
The new Wazuh release helps users achieve alignment with HIPAA and NIST 800-53 requirements:
- Mapping added to the Security Configuration Assessment module policies.
- 981 Wazuh rules have been mapped to support HIPAA and NIST 800-53 compliance.
- Our App now includes two new regulatory compliance dashboards:
Security Configuration Assessment module
The SCA module has been heavily refactored and cleaned up:
- Policies now contain HIPAA and NIST 800-53 mapping.
- The internal engine rework improves SCA performance and reliability.
- Policy syntax is more user-friendly: Checks logic inversion allows for more coherent policies expression.
- A new numeric comparator supports more rules types.
The policies have been fully reviewed, and the module refactor has been adapted to support additional platforms. In addition, the compliance mapping information is now part of the alert groups.
Enhanced Wazuh ruleset
We have added support for several technologies through new decoders and rules:
- Rules for the VIPRE antivirus.
- Support for Cisco-ASA devices with new rules and decoders.
- Added Windows Software Restriction Policy rules.
- Added Perdition (imap/pop3 proxy) rules.
- Added support for NAXSI web application firewall.
Agent summary API request
The new API call provides users with an accurate snapshot of the situation: groups list, agents OS distribution list, cluster nodes count, detailed information for the last registered agent, etc.
GET /summary/agents { "error": 0, "data": { "agent_status": { "Total": 6, "Active": 6, "Disconnected": 0, "Never connected": 0, "Pending": 0 }, "agent_version": { "items": [ { "version": "Wazuh v3.10.0", "count": 1 }, { "version": "Wazuh v3.9.5", "count": 5 } ], "totalItems": 6 }, "last_registered_agent": { "os": { "arch": "x86_64", "codename": "Bionic Beaver", "major": "18", "minor": "04", "name": "Ubuntu", "platform": "ubuntu", "uname": "Linux |ee7d4f51c0ae |4.18.0-16-generic |#17~18.04.1-Ubuntu SMP Tue Feb 12 13:35:51 UTC 2019 |x86_64", "version": "18.04.2 LTS" }, } }
Agent registration guide
The Wazuh App now has an interactive and user-friendly guide which includes a copy & paste snippet designed to expedite the agent registration process for significantly simpler and smoother agent deployment.
Further information and documentation can be found in the following URLs:
- Release notes
- Wazuh core changelog
- Wazuh API changelog
- Wazuh Ruleset changelog
- Kibana app changelog
- Splunk app changelog
- Project documentation
- Packages list
We would also like to thank our developers, contributors, and users. We are looking forward to your feedback, so please don’t hesitate to post on our mailing list if you have any questions. You can also join our #community Slack channel.