We are delighted to announce that Wazuh 4.4 has been released. This new version is an important milestone for our project and great news for our open source community. This release results from a year of hard work by the Wazuh team, entirely dedicated to making the product more robust and efficient.
Wazuh 4.4 includes enhanced support for Linux distributions and new integrations, such as the SUSE operating system and the native Shuffle integration, to help users detect and respond more effectively to threats. Below, you can explore some new features and enhancements of our latest version.
Wazuh 4.4 new support additions
One of the most significant additions in Wazuh 4.4 is the support for the IPv6 protocol in the agent enrollment process and the agent-manager connection. This feature brings several benefits, such as the following:
- Enhanced security: IPv6 addresses provide a larger address space and improved security features, reducing the risk of cyber-attacks and increasing network security.
- Improved performance: With IPv6 support, agents connect more efficiently and reduce latency, resulting in faster communication between agents and managers.
- Increased flexibility: IPv6 support allows agents to register and connect through the IPv6 protocol, providing more options to configure their network.
Wazuh 4.4 also includes new vulnerability detection support for SUSE systems. Wazuh now provides complete support for SUSE Linux Enterprise Server and Desktop operating systems versions 11, 12, and 15.
The vulnerability detector scans programs identified by the syscollector module and reports the vulnerabilities it finds. These vulnerabilities are described in the SUSE OVAL and NVD databases. This new feature enables users to identify and remediate vulnerabilities in their SUSE systems faster. By detecting and reporting vulnerabilities, users can proactively protect their systems against potential attacks, reducing the risk of data breaches and other security incidents.
Support for Azure integration in Linux agents is also introduced, enhancing the flexibility and scalability of the platform. Integrating Azure into the Wazuh agents, not just the Wazuh server, provides more options for deploying and managing security operations.
The package generation process has been modified to include support for Azure integration in Linux agents when upgrading the Wazuh agent. Each new WPK package now contains all updated binaries and source code, and the installer updates all files and binaries to support the Azure integration. This simplifies the installation process and ensures users can easily integrate Azure by configuring their Linux agents.
More new features
Wazuh 4.4 upgrades its indexer and dashboard to versions based on OpenSearch 2.4.1. The upgrade provides substantial value by improving security and functionality and providing a better user experience.
The upgrade to the new version of OpenSearch fixes vulnerabilities present in earlier versions, providing a more secure platform. The upgraded Wazuh indexer and dashboard incorporate new functionalities, such as enhanced visualization options and improved search capabilities, enabling users to manage the security of their systems more efficiently and effectively.
Moreover, Wazuh 4.4 includes improved SCA policies for Ubuntu Linux 20.04 and 22.04. These policies have been reworked to provide users with accurate and reliable vulnerability scanning for their Ubuntu Linux systems.
The update to the Ubuntu Linux 22.04 SCA policy was based on the latest CIS Ubuntu Linux 22.04 LTS Benchmark v1.0.0, ensuring that systems comply with the latest security standards and best practices.
Finally, it’s important to highlight that Wazuh maintains support for all installation alternatives, such as OVA, AMI, and Docker images for the Wazuh central components and Wazuh agent packages for Windows, macOS, Linux, and other operating systems. With these enhancements and new integrations, Wazuh 4.4 strengthens its position as a leading open source security platform.