Date: 2022-08-19

The open source tool helps the admin to take stock. This allows him to uncover gaps and attacks and quickly initiate countermeasures.

Apart from firewalls and network-based intrusion detection systems, Wazuh is an interesting combination of host-based IDS, event monitoring and active threat prevention. The open source project offers many options for finding vulnerabilities in your own computer fleet, detecting attacks and even warding them off.

Traditionally, companies use tools from two categories for this use case:

– SIEM systems (Security Information and Event Management) are mainly concerned with the detection, storage and indexing of log files and other event logs. They offer a centralized and unified view of the data and are useful not only for admins and security officers, but also for the compliance department.