Wazuh 4.2.0 released
![Post icon](https://wazuh.com/uploads/2021/08/4.2.0-release-circle.png)
We are happy to announce that Wazuh 4.2.0 is released. After working tirelessly to create the best open source security platform during the last years, Wazuh is now better than ever. Below you can explore some of the new additions and improvements of this brand new release!
Wazuh 4.2.0 includes many new additions such as a significant improvement in the Active Response (AR) capacities, enhanced insight into the Common Vulnerabilities and Exposures (CVE) that affect systems, and a new ruleset test tool in the Wazuh user interface. Below you will find more information about each of these new features.
Wazuh 4.2.0 provides you with enhanced insight into the CVEs that affect systems and applications.
The changes in the AR capacities include removing the limitation of fields that can be received to execute a command related to the AR. This new feature is backward-compatible with previous versions of the agents.
As part of a new Core feature, AR protocol changed to receive notifications in JSON format that include the full alert. So, the whole alert is sent to execute commands related to an AR.
Wazuh 4.2.0 now transmits information to the AR executables via standard input (stdin) instead of in-line arguments. As part of the agent upgrade process, previous versions of the AR scripts present in the active-response/bin directories were replaced. In addition, the new 4.2 Wazuh server continues sending in-line arguments to Wazuh agents version 4.1.5 and earlier.
Another Wazuh 4.2.0 significant new feature is the enhanced insight into the CVEs detected by agents. Different development teams within Wazuh were working together to reach this achievement.
Wazuh now generates CVEs inventory reports that provide users insight into the vulnerabilities that are monitored by agents. This visibility improvement allows users to visualize information on their interface. In addition, users can analyze vulnerabilities recognized by agents and evaluate this information to perform corrective actions.
Now Wazuh has a new endpoint to get CVEs data detected by agents. Through this endpoint, users can query the vulnerability data of any agent and get enhanced insight into the CVEs. In addition, this new feature gives users easy access to information such as package name, version, architecture, and the CVE ID that affects each application.
With this new feature, Wazuh now supplies users with enhanced insight into the CVEs monitored by agents. Thanks to the newly added Inventory tab in the Vulnerabilities module, users can now visualize all the information related to each specific vulnerability entry detailed in the Inventory section.
Wazuh 4.2.0 generates CVEs inventory reports that provide insight into the vulnerabilities monitored by agents.
Wazuh 4.2.0 presents a new ruleset test tool that can be accessed through the Wazuh user interface. Users can now visualize how the ruleset responds to specific log messages by testing sample logs directly on the Wazuh user interface.
This new feature will improve the users’ experience by integrating an input box for reading sample logs and an output box to visualize the test results. Users can also keep the ruleset test window open to edit or create threat detection rules while on the web interface.
Wazuh 4.2.0 provides users with the ability to test log messages as they write rules and decoders in the interface. Users now have more visualization control related to the ruleset test through the web interface.
Wazuh 4.2.0 presents a new ruleset test tool that users can access through the Wazuh user interface.
Wazuh 4.2.0 includes many enhancements and fixes from previous releases, such as the following:
This release includes many more fixes and performance improvements, and you can find more information about it at the following links:
If you have any questions about Wazuh 4.2.0, don’t hesitate to check out our documentation to learn more about it. You can also join our Slack and mailing list, where our team and other users will help you.