All results for 'Wazuh'

Showing 12 of 309 results

Managing multiple Wazuh clusters with Cross-Cluster Search

Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location, known as the Cross-Cluster Search (CCS) environment, is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]

Wazuh multi-site implementation

Wazuh multi-site implementation offers a solution that helps organizations unify their security monitoring capabilities across multiple geographically dispersed locations or sites. This implementation focuses on having Wazuh cluster components that collect, process, and store logs from the Wazuh agents within each site. A single Wazuh dashboard displays security alerts generated from events occurring in monitored […]

Migrating from OSSEC to Wazuh

OSSEC is an open source host-based Intrusion Detection System (IDS) that provides log analysis, integrity monitoring, real-time alerting, and active response capabilities. In recent years, the OSSEC project has been in maintenance mode with limited emphasis on active development. In 2015, the Wazuh team decided to fork the project, expanding upon the OSSEC core functionalities […]

Wazuh integration with Amazon Security Lake as a custom source

Amazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premise logs, and third-party SaaS applications. Security administrators can use AWS services like Athena to query the security data, which gives them insight into potential threats and vulnerabilities across an organization’s […]

How Wazuh provides endpoint security without kernel-level access

User mode and kernel mode are two operating states within a computer system that define different levels of access and control to the hardware resources of a computer. Choosing the right mode between the two is important, as it affects the security and stability of the computer. User mode is a restricted operating environment where […]

Ransomware protection on Windows with Wazuh

Providing ransomware protection on our endpoints is important, as these attacks have become one of the most prevalent and damaging cyber threats faced by organizations and individuals. These types of attacks continue to rise due to the lucrative nature of ransom payments. Ransomware attacks adopt sophisticated techniques, such as advanced encryption algorithms and social engineering […]

Configuration management of Wazuh endpoints using Ansible

Configuration management is the process of maintaining computer systems, servers, network devices, and software in a desired and consistent state. Configuration management tools allow you to quickly and remotely control large numbers of different endpoints in an automated way from a centralized location. There are several popular configuration management tools. These include Ansible, Chef, Puppet, […]

Wazuh agent groups and centralized configuration

Centralized configuration management offers a unified approach for organizing, controlling, and modifying configurations within a large infrastructure. It mitigates the challenges associated with manual configuration management, such as human errors, inconsistencies, and time-consuming updates. Wazuh, the unified XDR and SIEM platform, offers a feature for streamlining agent configuration and enhancing security management: Wazuh agent groups […]

Filtering security data with the Wazuh Query Language

The Wazuh Query Language (WQL) simplifies security data filtering in the Wazuh dashboard with its user-friendly format. With the use of a specialized querying language like Wazuh Query Language, security analysts can analyze and query security log data, enabling effective detection and response to security threats. WQL provides a solution for navigating complex datasets, allowing […]

Monitoring Hyper-V with Wazuh

Microsoft Hyper-V is a widely used virtualization platform in enterprise environments, powering everything from development labs to production workloads.
