Wazuh Host and endpoint security
Wazuh is an open source project for detection, visibility and compliance. It originated from OSSEC HIDS, which was then integrated with Elastic Stack and OpenSCAP.
Log management and analysis: Wazuh agents read operating system and application logs and securely route them to a centralized manager for rule-based scanning and storage.
File integrity monitoring: Wazuh monitors the file system and detects changes to the content, permissions, ownership, and attributes of the files you need to keep track of.
Intrusion detection: Agents scan the system for malicious software, rootkits, or suspicious anomalies. You can detect hidden files, disguised processes, or unregistered network listeners, as well as inconsistencies in responses to system calls.
Policy and compliance monitoring: Wazuh monitors configuration files to ensure they comply with your security policies or standards.
OSSEC HIDS is a host-based intrusion detection system (HIDS) used for security detection, visibility and compliance monitoring. It is based on a multiplatform agent that forwards system data (such as log messages, file hashes, and detected anomalies) to a centralized manager, where it is analyzed and processed to generate security alerts. The agents transmit this event data to the manager over a secure and authenticated channel.