Introducing Wazuh 4.9.0

/ Releases

We are excited to announce the release of Wazuh 4.9.0. This update introduced support for journald log collection, integration with AWS Security Hub and improved compatibility with OpenSearch 2.13.0. Additionally, there are improvements to WPK packages and enhancements to the Endpoint Summary section in the Wazuh dashboard. Key highlights Wazuh integration with AWS Security Hub […]

Ensuring NIS2 compliance with Wazuh

/ Engineering

Network and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]

Wazuh Partners with ActionLabs to Enhance Managed IT Services

/ News

San Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go-to managed IT services provider, leveraging their […]

Managing multiple Wazuh clusters with Cross-Cluster Search

/ Engineering

Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]

Daolpu infostealer detection and response with Wazuh

/ Engineering

Daolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]

Achieving CJIS compliance with Wazuh

/ Engineering

The Criminal Justice Information Services (CJIS) security policy 2022, version 5.9.1, establishes the standards for safeguarding sensitive criminal justice information (CJI) in the United States. Issued by the FBI, this policy specifies the necessary security measures to maintain the confidentiality, integrity, and availability of CJI throughout its lifecycle. It imposes stringent controls on data access […]

How to configure Rsyslog client to send events to Wazuh

/ Engineering

Learn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.

Exploring security alerting options for improved threat detection in Wazuh – Part 2

/ Engineering

An improved security alerting system enhances data breach prevention, ensures compliance, and streamlines operations through timely detection and efficient alert management. In exploring security alerting options for improved threat detection in Wazuh – Part 1, we covered the basic configuration and the first two monitor types. Now, let’s explore the remaining monitor types for better […]

Integrating Imperva cloud web application firewall (CWAF) with Wazuh

/ Engineering

Imperva Cloud WAF is a web application security firewall that protects against security threats, including OWASP Top 10, such as cross-site scripting, illegal resource access, and remote file inclusion. Web applications are common targets for cybercriminals who aim to exploit vulnerabilities and gain unauthorized access. Wazuh is a free and open source SIEM and XDR […]

Wazuh integration with Amazon Security Lake as a custom source

/ Engineering

Amazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premise logs, and third-party SaaS applications. Security administrators can use AWS services like Athena to query the security data, which gives them insight into potential threats and vulnerabilities across an organization’s […]

Wazuh Announces Partnership with ISS Technologies

/ News

San Jose, California, July 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces a strategic partnership with ISS Technologies, a leader in delivering comprehensive Cloud and Cyber Security solutions and support services. ISS Technologies has over two decades of expertise in Cloud, Security, […]

CrowdStrike BSOD incident and how Wazuh avoids similar risks

/ News

Recently, CrowdStrike, a prominent XDR (Extended Detection and Response) provider, encountered a significant technical issue that affected numerous organizations. This article examines the CrowdStrike incident and details how the architecture of Wazuh avoids similar risks. The CrowdStrike incident On July 18, 2024, a Blue Screen of Death (BSOD) issue associated with CrowdStrike’s Falcon sensor update […]

Deploying Wazuh agents using ManageEngine

/ Engineering

Wazuh is an open source security platform that offers Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) capabilities to organizations. It provides security to IT infrastructure through real-time monitoring, threat detection, log analysis, vulnerability detection, and automated incident response. By collecting and analyzing security data from endpoints, Wazuh enables organizations to […]
