
Datasec has been using Wazuh to monitor its own and its customers' infrastructure for 5 years. This time has allowed us to specialise in the tool and its capabilities over several versions, and we have seen it evolve from little more than a HIDS into a SIEM whose features are constantly growing.
Currently, Wazuh is an open source SIEM/HIDS. Among its main features is the ability to incorporate unlimited event collection agents and, thanks to its ability to scale both horizontally and vertically, it can receive an unlimited number of events per second. Best of all, it requires no licensing of any kind.
By default, Wazuh includes a set of more than 3000 rules to monitor technologies of all kinds. This set is continuously and officially updated. If that is not enough, the tool itself, thanks to its open source status, allows integration with almost any product (cloud, containers, virtualisers, applications and infrastructure in general). This makes it a versatile SIEM, worthy of being taken into account by any organization that requires constant monitoring of security aspects.
In addition, it has one of the most active open communities worldwide, with approximately 8000 members. Wazuh enthusiasts and official support members respond actively in the community and ensure that almost all queries are answered.
It is not surprising, given this scenario, that more and more organizations are looking to reduce the cost of proprietary products by migrating their existing SIEM solutions to Wazuh, without losing visibility over their assets.
Datasec is proud to be a Gold Partner of Wazuh for Uruguay, the region and the United States. Our team is certified in "Wazuh for Security Engineers", the official course for the tool, and has vast experience in environment implementation, rule generation and use cases across the most diverse industries and organizations of different sizes.
Since being a partner and actively participating in the community was not enough for us, we have decided to gradually publish some of the know-how that we have built up over the years so that everyone can use it freely, because we believe that only by sharing can we truly become more secure.
You can find our first article at the following link