Open Source
Wazuh is an open-source security monitoring platform, which means there are no licensing fees and continuous community support.
Comprehensive Security
It offers a wide range of security functionalities including intrusion detection, log data analysis, and vulnerability detection.
Scalability
Wazuh is built to scale, allowing it to handle extensive data from multiple sources across various environments.
Integrated Solution
Wazuh provides an integrated approach to security, combining SIEM and HIDS capabilities in one platform.
Active Community Support
It has an active community and a wealth of online resources, making troubleshooting and implementation easier.
Customizability
Being open-source, Wazuh can be highly customized to meet the specific needs of different organizations or use cases.
Compliance Reporting
The platform includes preconfigured templates for compliance reporting, aiding in regulatory compliance efforts.
Cloud and On-Premises
Wazuh supports deployment both on-premises and in cloud environments, offering flexibility in how it's implemented.
We have collected here some useful links to help you find out if Wazuh is good.
Check the traffic stats of Wazuh on SimilarWeb. The key metrics to look for are: monthly visits, average visit duration, pages per visit, and traffic by country. Moreoever, check the traffic sources. For example "Direct" traffic is a good sign.
Check the "Domain Rating" of Wazuh on Ahrefs. The domain rating is a measure of the strength of a website's backlink profile on a scale from 0 to 100. It shows the strength of Wazuh's backlink profile compared to the other websites. In most cases a domain rating of 60+ is considered good and 70+ is considered very good.
Check the "Domain Authority" of Wazuh on MOZ. A website's domain authority (DA) is a search engine ranking score that predicts how well a website will rank on search engine result pages (SERPs). It is based on a 100-point logarithmic scale, with higher scores corresponding to a greater likelihood of ranking. This is another useful metric to check if a website is good.
The latest comments about Wazuh on Reddit. This can help you find out how popualr the product is and what people think about it.
Use open-source auditing tools like Wazuh for intrusion detection and compliance checks. - Source: dev.to / 5 months ago
Wazuh is a powerful open source platform for threat detection, incident response, and compliance. - Source: dev.to / 10 months ago
Hey HN, I've released a new open-source project that's gaining real momentum in the security compliance space: https://github.com/TristanGNS/wazuh-cjis-rules) (open-source SIEM) with the FBIโs CJIS Security Policy โ with mappings to NIST 800-53 baked in. Built for public sector security teams, analysts, and any org handling CJIS-regulated data. In less than 48 hours:. - Source: Hacker News / about 1 year ago
There's Wazuh[0][1], but it's more of an XDR (i.e. anti-virus) and SIEM solution than what Wiz is offering. [0] https://wazuh.com/ [1] https://github.com/wazuh/wazuh. - Source: Hacker News / over 1 year ago
To manage these events, we need to have an appropriate system called SIEM (Security Information and Event Management). One of the best open-source solutions is Wazuh. - Source: dev.to / almost 2 years ago
I use Wazuh instead. Greenbone CE is severely limited and requires payment for anything beyond the very basic. Super simple installation more features. Source: over 2 years ago
Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the... Source: over 2 years ago
Wazuh: An open source security monitoring platform that integrates with popular tools like Elasticsearch and Kibana to provide comprehensive security event analysis and response capabilities. - Source: dev.to / about 3 years ago
On another note, as mentioned in my response to the question of this post, we are working on a complete rework of the Vulnerability Detection engine. This rework will provide a sanitized CVEs feed from wazuh.com and a completely new scanner engine. It will also include a new UI for global queries. Source: about 3 years ago
Nessus essentials (https://www.tenable.com/products/nessus/nessus-essentials) might do the trick. It can help to check what kind of services you are running are vulnerable to exploits. Also, the general recommendation here would be not to use default ports for all the services you are exposing. Also, you can check something like Wazuh - https://wazuh.com/. Source: about 3 years ago
Maybe you can take a look at wazuh? https://wazuh.com/. Source: about 3 years ago
In this article, we explain how we made Wazuh, Inc.'s deployment totally dark from the internet including the agents that push logs to the platform. [r/Wazuh] Wazuh is an open-source security platform that offers unified XDR and SIEM protection for endpoints and cloud workloads. Source: about 3 years ago
Looking to get easy security visibility into my home network. https://wazuh.com/ seems like a good solution. Anyone using this? Think of it being a much better version than crowdsec - assuming that an openwrt-wazuh-agent binary exists to make it work like the crowdsec-bouncer. Source: over 3 years ago
I wish there was also wazuh [1] included. That's where open source EDR is currently at. [1] https://wazuh.com/. - Source: Hacker News / over 3 years ago
About 8 years ago I actually started the Wazuh project, a FOSS XDR/SIEM platform. I believe in the transparency provided by open source, as it allows users to not only know what the software does, but how it does it. You can see commercial vendors saying โwe stop breachesโ but not sharing how that is done. No explanation of the techniques used for threat protection (apart from the traditional marketing buzzwords),... Source: over 3 years ago
Wazuh is free and open source. It unifies SIEM and XDR capabilities. More info at wazuh.com. Source: over 3 years ago
Simple - just use Wazuh -(https://wazuh.com) based on Elasticsearch and does both SEIM and XDR. Source: over 3 years ago
OPNsense - Firewall XCP-ng - Host System for VMs Rport - Remote Management/Access Wahzu - Security Platform Xen Orchestra - Webinterface for XCP. I use the open source variant. Source: over 3 years ago
Have you looked into Wazuh? Iโve been messing around with it in some test environments and pushed it out to a couple of production servers. Source: over 3 years ago
Critically, harden the OS. Like, more than you think you need to. Way more. Consider the jump host capability as a core component of each system/environment/platform/application it's used to access/manage and assess value and risk with all those business processes/functions in mind even though you're using one jump host for each of those use cases because, inevitably, the same... Source: over 3 years ago
Active Measures - Includes (IDS/IPS) such as open-source Suricata or Snort on pfSense, and File Integrity Monitoring (FIM), such as the commercial Tripwire and dated, open-source Tripwire, or the open-source Wazuh installed on servers. These can be combined into a Security Information and Event Management (SIEM) system like the open-source solution, Security Onion. Wazuh itself has evolved into a SIEM. Source: over 3 years ago
Wazuh, an open-source Security Information and Event Management (SIEM) solution, has garnered significant attention within the cybersecurity space, attracting praise for its comprehensive feature set and open-source nature. Here, we delve into the collective sentiment expressed by users and reviewers to provide a nuanced perspective on Wazuh's standing in the industry.
Wazuh, which originates from the OSSEC project, has evolved into a robust platform that extends well beyond traditional SIEM functionalities. The system is lauded for its abilities in threat detection, integrity monitoring, compliance enforcement, and incident response. A notable highlight is its versatility in integrating with popular tools like Elasticsearch and Kibana, providing a powerful user interface for data visualization and analysis. This integration facilitates comprehensive security event analysis and response capabilities.
A significant appeal of Wazuh is its open-source nature, which promotes transparency and community engagement. Users appreciate the visibility into the processes and techniques employed by the platform, contrasting with some commercial solutions that do not share such insights. The open-source community has actively contributed to Wazuh's development, enhancing its capabilities and broadening its adoption.
Despite being free, Wazuh offers a cloud-based premium version, Wazuh Cloud, which centralizes threat detection, incident response, and compliance management across both cloud and on-premise environments. The use of lightweight agents to collect and forward events to Wazuh's centralized infrastructure is noted as a strength, allowing for effective data aggregation, indexing, and analysis.
User reviews from various platforms and discussions indicate that Wazuh is a preferred choice for both enterprises and smaller organizations seeking a cost-effective, feature-rich security monitoring solution. It is often compared to other notable SIEM tools like Zabbix, Beats, and rsyslog, but its comprehensive feature set and open-source advantage give it a competitive edge, especially for users who prioritize transparency and community collaboration.
Moreover, its capability to align with industry standards and regulations such as PCI DSS, GDPR, and others, makes it a viable option for organizations needing to comply with various regulatory requirements. The platform's flexibility is also reflected in its ability to incorporate different deployment scenarios, from homelab environments to enterprise-grade solutions.
Some users have voiced the need for better documentation and ease of use, particularly when initially setting up the platform. There are also mentions of ongoing developments, such as a rework of its Vulnerability Detection engine, aimed at enhancing Wazuh's capabilities further.
In summary, Wazuh is highly regarded for its open-source nature, extensive features, and the community-driven improvements that help it stand shoulder-to-shoulder with other leading SIEM solutions. It stands out for those looking for an open-source alternative without sacrificing the advanced functionalities required in contemporary cybersecurity management.
Do you know an article comparing Wazuh to other products?
Suggest a link to a post with product alternatives.
Is Wazuh good? This is an informative page that will help you find out. Moreover, you can review and discuss Wazuh here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.