I use Wazuh instead. Greenbone CE is severely limited and requires payment for anything beyond the very basic. Super simple installation, more features. Source: 5 months ago
Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the... Source: 6 months ago
Wazuh: An open source security monitoring platform that integrates with popular tools like Elasticsearch and Kibana to provide comprehensive security event analysis and response capabilities. - Source: dev.to / 12 months ago
On another note, as mentioned in my response to the question of this post, we are working on a complete rework of the Vulnerability Detection engine. This rework will provide a sanitized CVEs feed from wazuh.com and a completely new scanner engine. It will also include a new UI for global queries. Source: 12 months ago
Nessus essentials (https://www.tenable.com/products/nessus/nessus-essentials) might do the trick. It can help to check what kind of services you are running are vulnerable to exploits. Also, the general recommendation here would be not to use default ports for all the services you are exposing. Also, you can check something like Wazuh - https://wazuh.com/. Source: 12 months ago
Maybe you can take a look at wazuh? https://wazuh.com/. Source: 12 months ago
In this article, we explain how we made Wazuh, Inc.'s deployment totally dark from the internet including the agents that push logs to the platform. [r/Wazuh] Wazuh is an open-source security platform that offers unified XDR and SIEM protection for endpoints and cloud workloads. Source: about 1 year ago
Looking to get easy security visibility into my home network. https://wazuh.com/ seems like a good solution. Anyone using this? Think of it being a much better version than crowdsec - assuming that an openwrt-wazuh-agent binary exists to make it work like the crowdsec-bouncer. Source: about 1 year ago
I wish there was also wazuh [1] included. That's where open source EDR is currently at. [1] https://wazuh.com/. - Source: Hacker News / about 1 year ago
About 8 years ago I actually started the Wazuh project, a FOSS XDR/SIEM platform. I believe in the transparency provided by open source, as it allows users to not only know what the software does, but how it does it. You can see commercial vendors saying “we stop breaches” but not sharing how that is done. No explanation of the techniques used for threat protection (apart from the traditional marketing buzzwords),... Source: about 1 year ago
Wazuh is free and open source. It unifies SIEM and XDR capabilities. More info at wazuh.com. Source: about 1 year ago
Simple - just use Wazuh (https://wazuh.com), based on Elasticsearch and does both SIEM and XDR. Source: about 1 year ago
OPNsense - Firewall; XCP-ng - Host System for VMs; Rport - Remote Management/Access; Wazuh - Security Platform; Xen Orchestra - Web interface for XCP. I use the open source variant. Source: over 1 year ago
Have you looked into Wazuh? I’ve been messing around with it in some test environments and pushed it out to a couple of production servers. Source: over 1 year ago
Critically, harden the OS. Like, more than you think you need to. Way more. Consider the jump host capability as a core component of each system/environment/platform/application it's used to access/manage and assess value and risk with all those business processes/functions in mind even though you're using one jump host for each of those use cases because, inevitably, the same... Source: over 1 year ago
Active Measures - Includes (IDS/IPS) such as open-source Suricata or Snort on pfSense, and File Integrity Monitoring (FIM), such as the commercial Tripwire and dated, open-source Tripwire, or the open-source Wazuh installed on servers. These can be combined into a Security Information and Event Management (SIEM) system like the open-source solution, Security Onion. Wazuh itself has evolved into a SIEM. Source: over 1 year ago
Set up SIEM software such as Wazuh. Bonus points if you set up a honeypot and monitor it with Wazuh. Bonus points if you can do some of the automation it's capable of. Source: over 1 year ago
Best free SIEM I’ve seen - https://wazuh.com/. Open source so the community has built it up really well. You can also pay to use it on the cloud and get support. Source: over 1 year ago
Take a look at Wazuh. It's open source, self hosted, and I know it's resold as an endpoint agent by a few managed security platforms. Source: over 1 year ago
Active measures may include an intrusion detection system / intrusion prevention system (IDS/IPS) such as open-source Suricata on the firewall, and installing file system integrity monitoring, such as the open-source Wazuh on the exposed server. These are combined in one open-source solution, Security Onion. Source: over 1 year ago
We use Wazuh, a fork of OSSEC. https://wazuh.com/. Source: over 1 year ago