"Wazuh is an open-source Security Information and Event Management (SIEM) tool that provides real-time security monitoring, threat detection, and incident response capabilities. Wazuh allows investigation by collecting, analyzing, and correlating security events from various sources like logs, files, and network traffic. It integrates well with other security tools, offering flexibility to extend its functionalities through external modules like Elastic Stack (Elasticsearch, Logstash, Kibana) for enhanced data analysis and visualization. Creating custom rules in Wazuh is essential for detecting specific threats tailored to an environment. Rules are written in XML and define conditions that match specific log patterns or security events. Users can create or modify rules to handle various types of incidents, from brute force attacks to malware detection. Wazuh provides dashboards through Kibana for visualizing security data. Users can create custom dashboards to monitor key security metrics and events like intrusion attempts, vulnerability scanning results, and agent status. This offers a user-friendly interface to keep track of security posture. Decoders in Wazuh parse and normalize raw log data into structured formats. This helps Wazuh identify relevant information from different log sources and convert it into a standard format that can be used for rule matching and analysis, etc."
Muhammad Jawwad
Pakistan
Team Lead – Information Security / Commtel
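To make the decoder-and-rule relationship described in the quote concrete, here is an added example (not part of the ambassador's text or of Wazuh's shipped rule sets). It assumes a hypothetical application that logs lines such as the constructed sample `myapp: login failed user=alice src=203.0.113.5`; the decoder extracts `user` and `srcip`, a base rule fires on each failure, and a correlation rule escalates when the same source IP repeats within a time window. The decoder goes in `/var/ossec/etc/decoders/local_decoder.xml` and the rules in `/var/ossec/etc/rules/local_rules.xml` (the custom rule ID range 100000-120000 is reserved for user rules).

```xml
<!-- local_decoder.xml: parent decoder identifies the log source by its prefix -->
<decoder name="myapp">
  <prematch>^myapp: </prematch>
</decoder>

<!-- child decoder: extracts fields from the constructed sample
     "myapp: login failed user=alice src=203.0.113.5" -->
<decoder name="myapp-login-failed">
  <parent>myapp</parent>
  <prematch offset="after_parent">login failed</prematch>
  <regex offset="after_prematch">user=(\S+) src=(\S+)</regex>
  <order>user, srcip</order>
</decoder>

<!-- local_rules.xml: base rule plus a frequency-based correlation rule -->
<group name="myapp,authentication_failed,">
  <!-- level 5: a single failed login, one alert per event -->
  <rule id="100100" level="5">
    <decoded_as>myapp</decoded_as>
    <match>login failed</match>
    <description>myapp: failed login for user $(user) from $(srcip).</description>
    <group>authentication_failed,</group>
  </rule>

  <!-- level 10: repeated failures from the same source IP inside 120 s
       (frequency counts matches of rule 100100 before this one fires) -->
  <rule id="100101" level="10" frequency="5" timeframe="120">
    <if_matched_sid>100100</if_matched_sid>
    <same_source_ip />
    <description>myapp: multiple failed logins from $(srcip) (possible brute force).</description>
    <group>authentication_failures,</group>
  </rule>
</group>
```

Verify the decoder and rule chain with `/var/ossec/bin/wazuh-logtest` by pasting the sample line; the output should show the `myapp` decoder, the extracted `user` and `srcip` fields, and rule 100100 matching.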
I’m a passionate Information Security Analyst (L2) with proven experience in SOC operations, incident response, and data protection.
I specialize in Governance, Risk, and Compliance (GRC), and excel as a Wazuh SIEM engineering and integration expert.
With certifications in ISO/IEC 27001 and advanced DLP tools, I bring a proactive approach to securing systems, ensuring compliance, and driving resilient cybersecurity strategies.