We are pleased to announce the release of Wazuh 4.13.0, a version that enhances data visibility and strengthens platform resilience. Key highlights include the introduction of the IT Hygiene dashboard, which provides users with the ability to centrally view and query IT Hygiene data.

In addition, a new hot reload feature enables decoders, rules, and CDB lists to be updated dynamically without requiring a restart of the Wazuh manager service. It also delivers multiple reliability and performance improvements, as well as bug fixes for the user interface and core components.

Key highlights

IT Hygiene dashboard

Wazuh now supports global queries for IT Hygiene data through a newly dedicated IT Hygiene dashboard. This feature allows users to query, analyze, and visualize relevant system information centrally across monitored endpoints directly from the Wazuh dashboard. Data collected by all Wazuh agents through the IT Hygiene module is unified and indexed in the Wazuh indexer, enabling comprehensive searches with built-in or custom dashboards.

The IT Hygiene dashboard provides a consolidated view of data across multiple or selected monitored endpoints.. It includes sections for Dashboard, System, Software, Processes, and Network that display relevant system data. 

The Dashboard section highlights key metrics such as operating system types, installed and running packages, host CPUs, source ports, and process activity.

The System section provides detailed insights into operating systems and hardware, including OS families, platforms, CPU models, core counts, and memory usage across monitored endpoints.

The Software section shows an overview of installed packages and Windows Knowledge Base data (KBs), highlighting top vendors, package types, installation counts, and common or missing updates.

The Processes section provides insights into running processes across monitored endpoints, including process names, start times, and detailed summary tables.

The Network section provides detailed insights into network addresses, interfaces, protocols, services, and traffic, including IPs, interface states, transport protocols, ports, and endpoint-level summary tables.

This feature automatically synchronizes updates in real-time and is supported in both single-node and multi-node environments, enhancing infrastructure visibility, security operations, and compliance monitoring.

For more information, refer to the system inventory documentation.

Improved platform stability and security

We have implemented multiple fixes across core components to improve platform stability and performance. These fixes address reducing runtime errors, enhancing dashboard responsiveness, and other known issues. In addition, this release introduces a hot reload feature in the Wazuh Analysis engine that enables decoders, rules, and CDB lists to be updated dynamically without restarting the Wazuh manager.

As part of ongoing security hardening, Wazuh now restricts the use of Universal Naming Convention (UNC) paths and mapped network drives on monitored Windows endpoints. This change strengthens security by protecting against NetNTLMv2 hash exposure and reducing the risk of remote code execution. Only local file system paths are now allowed, with unsafe paths rejected during configuration load.

Conclusion

Wazuh remains committed to continuously enhancing its platform to provide comprehensive security capabilities that safeguard IT infrastructures against evolving cyber threats. To explore the new features, improvements, and fixes introduced in Wazuh 4.13.0, please check out our detailed release notes. For a deeper dive into specific updates, our changelog offers comprehensive information.

Thank you for being an essential part of our community and helping us build a stronger, more reliable, and user-friendly open source security solution.open source security solution.