Based on our record, Wazuh should be more popular than osquery. It has been mentiond 49 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
The largest we have successfully deployed is on the OSQuery schema https://osquery.io/ which is 277 tables and lots of business context (malwares, vulnerabilities, Windows registry keys, etc). - Source: Hacker News / 3 months ago
From a self hosted standpoint OSQuery or Wazuh are your best bets for monitoring USB devices. Windows makes blocking really challenging and I’m not aware of any “free” solutions that attempt it. Source: 12 months ago
Configure auditd to monitor host activity: https://izyknows.medium.com/linux-auditd-for-threat-detection-d06c8b941505 or osquery: https://osquery.io/ (or similar software: filebeat for example). Source: about 1 year ago
OS Query : Easily ask questions about your Linux, Windows, and macOS infrastructure. - Source: dev.to / over 1 year ago
Osquery + Fleet. https://osquery.io/ https://fleetdm.com/, using the two allows you to build a query to answer what ever questions you (or an auditor) might have about your environment. Source: over 1 year ago
I use Wazuh instead. Greenbone CE is severely limited and requires payment for anything beyond the very basic. Super simple installation more features. Source: 5 months ago
Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the... Source: 6 months ago
Wazuh: An open source security monitoring platform that integrates with popular tools like Elasticsearch and Kibana to provide comprehensive security event analysis and response capabilities. - Source: dev.to / 12 months ago
On another note, as mentioned in my response to the question of this post, we are working on a complete rework of the Vulnerability Detection engine. This rework will provide a sanitized CVEs feed from wazuh.com and a completely new scanner engine. It will also include a new UI for global queries. Source: 12 months ago
Nessus essentials (https://www.tenable.com/products/nessus/nessus-essentials) might do the trick. It can help to check what kind of services you are running are vulnerable to exploits. Also, the general recommendation here would be not to use default ports for all the services you are exposing. Also, you can check something like Wazuh - https://wazuh.com/. Source: almost 1 year ago
Tripwire - Open Source Tripwire software is a security and data integrity tool useful for monitoring and...
Zabbix - Track, record, alert and visualize performance and availability of IT resources
Ossec - OSSEC is an Open Source Host-based Intrusion Detection System.
Fortinet FortiAnalyzer - Fortinet FortiAnalyzer is a powerful product for Security Fabric Analytics and Automation.
AIDE - AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker.
Beats - Beats is the platform for single-purpose data shippers that is installed as lightweight agents and send data to machines to Logstash or Elasticsearch.