Wazuh: Free and open-source XDR and SIEM

Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings.


Wazuh system comprises an endpoint security agent installed on monitored systems and a management server that processes and examines the data from these agents. Additionally, it seamlessly integrates with the Elastic Stack, offering a search and data visualization feature that lets users explore their security notifications.

Wazuh capabilities:

  • Intrusion detection
  • Log data analysis
  • File integrity monitoring
  • Vulnerability detection
  • Configuration assessment
  • Incident response
  • Regulatory compliance
  • Cloud security
  • Container security

The platform is available on GitHub.

Must read:

Don't miss