Wazuh AMI in the AWS Marketplace

| by
Post icon

We are excited to announce that now Wazuh provides a pre-built Amazon Machine Image (AMI). This new Wazuh deployment alternative inside the AWS Marketplace empowers users to protect their data workloads efficiently. Prepare to get the most out of the Wazuh AMI in the AWS Marketplace.

As a central and strategic component for a growing number of enterprises, Wazuh presents a security solution capable of monitoring a whole organization’s infrastructure security. With Wazuh, you can detect system anomalies, intrusion attempts, poorly configured applications, and unauthorized user actions between other security threats.

How the Wazuh AMI works

Wazuh Amazon Machine Image is a shared AMI developed by Wazuh and made available for others in the AWS Marketplace. Thanks to this AMI, users can take advantage of the full power of Wazuh in a cloud environment. Wazuh can monitor an organization’s infrastructure, detect threats, and trigger active responses, all in one platform.

Wazuh AMI security analytics agent provides you the necessary monitoring and response capabilities

The AMI implemented by Wazuh in AWS allows users to launch an instance in AWS EC2 to have a virtual machine with Wazuh running. This solution monitors the deployed instance and any external machine or AWS instance that has an agent installed and connected to the manager.

A simple security solution for monitoring your infrastructure

This Wazuh pre-built virtual machine image is capable of monitoring your infrastructure, detecting threats, and providing a framework for incident response and regulatory compliance.

Let’s see below all the Wazuh AMI components for a better understanding of how it works:

  • Wazuh manager: This component is the system that analyzes the data received from all registered agents and triggers alerts when an event coincides with a rule. The manager also works as an agent on the local machine, which means that it has all the agent’s features. It provides prevention, detection, and response capabilities.
  • Elasticsearch: This component indexes and stores alerts generated by the Wazuh server. It is a highly scalable, full-text search and analytics engine.
  • Filebeat: Filebeat is the tool on the Wazuh server that securely forwards alerts and archived events to Elasticsearch. Filebeat can be used in conjunction with Wazuh Manager to send events and alerts to Elasticsearch.
  • Kibana: This is a flexible and intuitive web interface for mining, analyzing, and visualizing data. It is used to manage Wazuh configuration and to monitor its status.

Wazuh Consulting service

Our Wazuh Consulting service is also available in the AWS Marketplace for you to check the professional service packages Wazuh has to offer. Check also our documentation to learn how to quickly launch your Wazuh All-In-One deployment instance.

Don’t hesitate to contact us if you have any questions about Wazuh Cloud Console, or check out our documentation to learn more about it. You can also join our Slack and mailing list, where our team and other users will help you.