Software Alternatives, Accelerators & Startups

Wazuh

Open Source Host and Endpoint Security.

Wazuh

Wazuh Reviews and Details

This page is designed to help you find out whether Wazuh is good and if it is the right choice for you.

Screenshots and images

  • Wazuh Landing page
    Landing page //
    2023-09-18

Features & Specs

  1. Open Source

    Wazuh is an open-source security monitoring platform, which means there are no licensing fees and continuous community support.

  2. Comprehensive Security

    It offers a wide range of security functionalities including intrusion detection, log data analysis, and vulnerability detection.

  3. Scalability

    Wazuh is built to scale, allowing it to handle extensive data from multiple sources across various environments.

  4. Integrated Solution

    Wazuh provides an integrated approach to security, combining SIEM and HIDS capabilities in one platform.

  5. Active Community Support

    It has an active community and a wealth of online resources, making troubleshooting and implementation easier.

  6. Customizability

    Being open-source, Wazuh can be highly customized to meet the specific needs of different organizations or use cases.

  7. Compliance Reporting

    The platform includes preconfigured templates for compliance reporting, aiding in regulatory compliance efforts.

  8. Cloud and On-Premises

    Wazuh supports deployment both on-premises and in cloud environments, offering flexibility in how it's implemented.

Badges

Promote Wazuh. You can add any of these badges on your website.

SaaSHub badge
Show embed code

Videos

Wazuh Open Source SIEM Overview

Wazuh - Automatic log data analysis for intrusion detection

Tutorial: Wazuh SIEM - Installation and Configuration (Complete Steps)

Social recommendations and mentions

We have tracked the following product recommendations or mentions on various public social media platforms and blogs. They can help you see what people think about Wazuh and what they use it for.
  • Securing Test Environments from PII Leaks on a Zero-Budget Strategy
    Use open-source auditing tools like Wazuh for intrusion detection and compliance checks. - Source: dev.to / 5 months ago
  • Protecting our EKS Nodes with Wazuh
    Wazuh is a powerful open source platform for threat detection, incident response, and compliance. - Source: dev.to / 10 months ago
  • Wazuh CJIS Ruleset โ€“ Modular Compliance Rules for FBI CJIS Security Policy
    Hey HN, I've released a new open-source project that's gaining real momentum in the security compliance space: https://github.com/TristanGNS/wazuh-cjis-rules) (open-source SIEM) with the FBIโ€™s CJIS Security Policy โ€” with mappings to NIST 800-53 baked in. Built for public sector security teams, analysts, and any org handling CJIS-regulated data. In less than 48 hours:. - Source: Hacker News / about 1 year ago
  • Google to Buy Wiz for $32B
    There's Wazuh[0][1], but it's more of an XDR (i.e. anti-virus) and SIEM solution than what Wiz is offering. [0] https://wazuh.com/ [1] https://github.com/wazuh/wazuh. - Source: Hacker News / over 1 year ago
  • Secure and Resilient Design
    To manage these events, we need to have an appropriate system called SIEM (Security Information and Event Management). One of the best open-source solutions is Wazuh. - Source: dev.to / almost 2 years ago
  • Greenbone
    I use Wazuh instead. Greenbone CE is severely limited and requires payment for anything beyond the very basic. Super simple installation more features. Source: over 2 years ago
  • Risks of hosting a website out of my house
    Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the... Source: over 2 years ago
  • DevOps and Security: DevSecOps
    Wazuh: An open source security monitoring platform that integrates with popular tools like Elasticsearch and Kibana to provide comprehensive security event analysis and response capabilities. - Source: dev.to / about 3 years ago
  • Vulnerability overview
    On another note, as mentioned in my response to the question of this post, we are working on a complete rework of the Vulnerability Detection engine. This rework will provide a sanitized CVEs feed from wazuh.com and a completely new scanner engine. It will also include a new UI for global queries. Source: about 3 years ago
  • Homelab security advice
    Nessus essentials (https://www.tenable.com/products/nessus/nessus-essentials) might do the trick. It can help to check what kind of services you are running are vulnerable to exploits. Also, the general recommendation here would be not to use default ports for all the services you are exposing. Also, you can check something like Wazuh - https://wazuh.com/. Source: about 3 years ago
  • Alternative to Endpoint Protector?
    Maybe you can take a look at wazuh? https://wazuh.com/. Source: about 3 years ago
  • Protect your SIEM/ SOAR deployment and data sources from cyber attacks over the internet
    In this article, we explain how we made Wazuh, Inc.'s deployment totally dark from the internet including the agents that push logs to the platform. [r/Wazuh] Wazuh is an open-source security platform that offers unified XDR and SIEM protection for endpoints and cloud workloads. Source: about 3 years ago
  • Anyone integrated Wazuh (SIEM) on OpenWRT successfully?
    Looking to get easy security visibility into my home network. https://wazuh.com/ seems like a good solution. Anyone using this? Think of it being a much better version than crowdsec - assuming that an openwrt-wazuh-agent binary exists to make it work like the crowdsec-bouncer. Source: over 3 years ago
  • Kali Linux 2023.1 introduces 'Purple' distro for defensive security
    I wish there was also wazuh [1] included. That's where open source EDR is currently at. [1] https://wazuh.com/. - Source: Hacker News / over 3 years ago
  • Am I the only one who feels like Microsoft is about to dominate the cybersecurity market (blue teaming)?
    About 8 years ago I actually started the Wazuh project, a FOSS XDR/SIEM platform. I believe in the transparency provided by open source, as it allows users to not only know what the software does, but how it does it. You can see commercial vendors saying โ€œwe stop breachesโ€ but not sharing how that is done. No explanation of the techniques used for threat protection (apart from the traditional marketing buzzwords),... Source: over 3 years ago
  • On-prem SIEM for small business & smaller IT dept?
    Wazuh is free and open source. It unifies SIEM and XDR capabilities. More info at wazuh.com. Source: over 3 years ago
  • Simple, Self-Hosted Centralized Logging
    Simple - just use Wazuh -(https://wazuh.com) based on Elasticsearch and does both SEIM and XDR. Source: over 3 years ago
  • What are your self hosted apps you're using for your business?
    OPNsense - Firewall XCP-ng - Host System for VMs Rport - Remote Management/Access Wahzu - Security Platform Xen Orchestra - Webinterface for XCP. I use the open source variant. Source: over 3 years ago
  • Malware scanning and reporting for Linux Servers in 2023
    Have you looked into Wazuh? Iโ€™ve been messing around with it in some test environments and pushed it out to a couple of production servers. Source: over 3 years ago
  • Creating a jump host in 2023
    Critically, harden the OS. Like, more than you think you need to. Way more. Consider the jump host capability as a core component of each system/environment/platform/application it's used to access/manage and assess value and risk with all those business processes/functions in mind even though you're using one jump host for each of those use cases because, inevitably, the same... Source: over 3 years ago
  • Server Hardening
    Active Measures - Includes (IDS/IPS) such as open-source Suricata or Snort on pfSense, and File Integrity Monitoring (FIM), such as the commercial Tripwire and dated, open-source Tripwire, or the open-source Wazuh installed on servers. These can be combined into a Security Information and Event Management (SIEM) system like the open-source solution, Security Onion. Wazuh itself has evolved into a SIEM. Source: over 3 years ago

Summary of the public mentions of Wazuh

Wazuh, an open-source Security Information and Event Management (SIEM) solution, has garnered significant attention within the cybersecurity space, attracting praise for its comprehensive feature set and open-source nature. Here, we delve into the collective sentiment expressed by users and reviewers to provide a nuanced perspective on Wazuh's standing in the industry.

Wazuh, which originates from the OSSEC project, has evolved into a robust platform that extends well beyond traditional SIEM functionalities. The system is lauded for its abilities in threat detection, integrity monitoring, compliance enforcement, and incident response. A notable highlight is its versatility in integrating with popular tools like Elasticsearch and Kibana, providing a powerful user interface for data visualization and analysis. This integration facilitates comprehensive security event analysis and response capabilities.

A significant appeal of Wazuh is its open-source nature, which promotes transparency and community engagement. Users appreciate the visibility into the processes and techniques employed by the platform, contrasting with some commercial solutions that do not share such insights. The open-source community has actively contributed to Wazuh's development, enhancing its capabilities and broadening its adoption.

Despite being free, Wazuh offers a cloud-based premium version, Wazuh Cloud, which centralizes threat detection, incident response, and compliance management across both cloud and on-premise environments. The use of lightweight agents to collect and forward events to Wazuh's centralized infrastructure is noted as a strength, allowing for effective data aggregation, indexing, and analysis.

User reviews from various platforms and discussions indicate that Wazuh is a preferred choice for both enterprises and smaller organizations seeking a cost-effective, feature-rich security monitoring solution. It is often compared to other notable SIEM tools like Zabbix, Beats, and rsyslog, but its comprehensive feature set and open-source advantage give it a competitive edge, especially for users who prioritize transparency and community collaboration.

Moreover, its capability to align with industry standards and regulations such as PCI DSS, GDPR, and others, makes it a viable option for organizations needing to comply with various regulatory requirements. The platform's flexibility is also reflected in its ability to incorporate different deployment scenarios, from homelab environments to enterprise-grade solutions.

Some users have voiced the need for better documentation and ease of use, particularly when initially setting up the platform. There are also mentions of ongoing developments, such as a rework of its Vulnerability Detection engine, aimed at enhancing Wazuh's capabilities further.

In summary, Wazuh is highly regarded for its open-source nature, extensive features, and the community-driven improvements that help it stand shoulder-to-shoulder with other leading SIEM solutions. It stands out for those looking for an open-source alternative without sacrificing the advanced functionalities required in contemporary cybersecurity management.

Do you know an article comparing Wazuh to other products?
Suggest a link to a post with product alternatives.

Suggest an article

Wazuh discussion

Log in or Post with

Is Wazuh good? This is an informative page that will help you find out. Moreover, you can review and discuss Wazuh here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.