Product Overview
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response, and regulatory compliance.
The solution includes the Wazuh server, which analyzes the data received from the agents, processes events through decoders and rules, and uses threat intelligence to look for well-known indicators of compromise (IOCs). A single Wazuh server can analyze data from hundreds or thousands of agents. Alerts generated by Wazuh are sent to the Wazuh indexer, where they are indexed and stored. The unique integration between Wazuh and the Wazuh dashboard provides a powerful user interface for data visualization and analysis. The server is also used to manage the agents, configuring and upgrading them remotely when necessary. Additionally, the server can send orders to the agents, for example, to trigger a response when a threat is detected.
Wazuh provides a security solution capable of monitoring your infrastructure, detecting threats, intrusion attempts, system anomalies, poorly configured applications, and unauthorized user actions. It also provides a framework for incident response and compliance, all in one platform.
By Wazuh Inc.
Operating System
Linux/Unix, Amazon Linux Amazon Linux 2 (Karoo)