Wazuh

The Wazuh Security Information and Event Management (SIEM) solution is a centralized platform for aggregating and analyzing telemetry in real time for threat detection and compliance. Wazuh collects event data from various sources like endpoints, network devices, cloud workloads, and applications for broader security coverage.

Resources

• Wazuh installation elements

• Wazuh Indexer Install - Installing SIEM Backend Storage

• Wazuh Manager - Log Analyzer Install

• Wazuh Agent Install - Endpoint detection and response

• Ingest Firewall Logs Into Any SIEM

• Detecting Abnormal Network Connections With Wazuh

• Wazuh + MISP Automation - Automate Your SIEM Threat Intel

• Quarantine Malware with Wazuh + YARA

• Full Wazuh Install - The SOCFortress Way