Wazuh is providing a free, open-source unified eXtended detection and response (XDR) and security information and event management (SIEM) platform to help security analysts identify and counter cyber threats, according to the company.
The platform lets security analysts reconstruct events that lead to incidents, Wazuh noted. From here, they can use these insights to respond to incidents, produce compliance reports and look for ways to prevent future cyberattacks.
Wazuh Drives Forensic Analysis
With Wazuh's platform, security analysts can:
- Collect and analyze data from network devices, containers, endpoints and other sources to establish a repository for conducting forensic investigations.
- Monitor and receive alerts for security events.
- View web dashboards and use them to visualize and analyze data.
- Leverage VirusTotal and other third-party threat intelligence platforms to detect threats.
- Utilize a MITRE ATT&CK module to cross-reference identified indicators of compromise (IOCs) with external threat data to understand the techniques that threat actors use.
- Automatically respond to incidents based on alerts.
Wazuh's platform is based on a single agent and platform architecture, the company said. It can be used to protect public clouds, private clouds and data centers.
MSSPs and MSPs Can Join Wazuh's Partner Program
Wazuh offers a partner program that enables MSSPs, MSPs and other technology providers to deliver "an all-in-one solution for threat prevention, detection and response," the company said.
The program's features include:
- 50GB cloud subscription
- Centralized console for multi-tenancy
- Credentials for a demo environment
- Online training technical course
- Business development program
Scybers joined Wazuh's partner program in October 2022. The MSSP started using Wazuh's platform to provide its customers with security analytics, cloud monitoring, file integrity monitoring, vulnerability management and other security capabilities as part of its managed detection and response (MDR) services, Scybers co-founder Gopalakrishnan Subramanian said.