We are excited to announce the new version Wazuh v3.2. It comes with added features that improve some core capabilities for infrastructure security monitoring. The WUI has been enhanced too. Now it shows additional information regarding the configuration of the agents and including the latest features. Also, the team has worked on the WUI usability, resulting in a nicer user experience. Don’t miss the highlights below:

1. Vulnerability detection

With Wazuh v3.1 we integrated Vuls (vulnerability scanner) to perform vulnerabilities analysis. Now, this feature is supported natively (no need to use vuls integration anymore). In this version, agents are capable of reporting applications inventory data so the manager can use it to detect vulnerabilities. This is done correlating reported applications with a CVEs database that is created automatically, by the manager, pulling data periodically from OVAL repositories.

Wazuh app dashboard view with the new module Vulnerability Detection. Screenshot.

Below is an example of an alert generated by this new module.

Alert generated by the new module Vulnerability Detection. Screenshot.

2. Module for AWS Cloudtrail integration

This integration is also supported natively now, so there is no need of third party tools to fetch AWS events data. Now, there is an Amazon AWS module that comes built-in as part of the agent and provides the ability to search, analyze and alert on AWS CloudTrail events.

Module for AWS Cloudtrail integration on the Wazuh app. Screenshot.

3. CIS-CAT integration now supports Windows platforms

For those making use of this configuration assessment tool, now you can use the Wazuh agent to configure and run it, both on Windows and Linux platforms. Remember that you can actually make use of agent groups to manage your fleet, pushing different configurations to the agents from the manager.

4. Managers cluster mode improved

The cluster now, with Wazuh v3.2, synchronizes groups configuration files (used for centralized configuration management), decoders, rules, cdb-lists, agent keys and information metadata. In addition, this release includes several bug fixes and performance improvements.

Further information and documentation can be found in the following URLs:

We would also like to thank our developers, contributors, and users. We are looking forward to your feedback, so please don’t hesitate to post on our mailing list if you have any questions about Wazuh v3.11. You can also join our #community Slack channel.