We are excited to announce the new version Wazuh v3.2. It comes with added features that improve some core capabilities for infrastructure security monitoring. The WUI has been enhanced too. Now it shows additional information regarding the configuration of the agents and including the latest features. Also, the team has worked on the WUI usability, resulting in a nicer user experience. Don’t miss the highlights below:
1. Vulnerability detection
With Wazuh v3.1 we integrated Vuls (vulnerability scanner) to perform vulnerabilities analysis. Now, this feature is supported natively (no need to use vuls integration anymore). In this version, agents are capable of reporting applications inventory data so the manager can use it to detect vulnerabilities. This is done correlating reported applications with a CVEs database that is created automatically, by the manager, pulling data periodically from OVAL repositories.
Below is an example of an alert generated by this new module.
2. Module for AWS Cloudtrail integration
This integration is also supported natively now, so there is no need of third party tools to fetch AWS events data. Now, there is an Amazon AWS module that comes built-in as part of the agent and provides the ability to search, analyze and alert on AWS CloudTrail events.
3. CIS-CAT integration now supports Windows platforms
For those making use of this configuration assessment tool, now you can use the Wazuh agent to configure and run it, both on Windows and Linux platforms. Remember that you can actually make use of agent groups to manage your fleet, pushing different configurations to the agents from the manager.
4. Managers cluster mode improved
The cluster now synchronizes groups configuration files (used for centralized configuration management), decoders, rules, cdb-lists, agent keys and information metadata. In addition, this release includes several bug fixes and performance improvements.
Further information and documentation can be found in the following URLs:
We take the opportunity to thank our contributors and users. We are looking forward to your feedback, so please don’t hesitate to use this mailing list if you have any question.