加载中
正在获取最新内容,请稍候...
Wazuh - The Open Source Security Platform
Wazuh is an open source security platform, providing Unified XDR and SIEM protection for endpoints and cloud workloads.
C
Added on 2025年7月3日12,805
Stars1,896
ForksC
LanguageProject Introduction
Summary
Wazuh is a free and open source platform for threat detection, security monitoring, incident response, and compliance auditing. It unifies XDR and SIEM capabilities to provide comprehensive protection across endpoints, cloud workloads, containers, and more.
Problem Solved
Organizations face increasing cybersecurity threats, complex compliance requirements, and a lack of unified visibility across diverse IT environments (on-premise, cloud, endpoints). Wazuh addresses these by offering a comprehensive, open-source solution for threat detection, security monitoring, and compliance.
Core Features
Endpoint Security & Visibility
Provides real-time threat detection, security monitoring, and incident response capabilities for a wide range of endpoints.
Cloud Workload Protection
Integrates with various cloud providers to monitor and secure cloud infrastructure and workloads.
SIEM & Log Analysis
Collects and analyzes security logs from multiple sources, acting as a centralized Security Information and Event Management system.
Tech Stack
Elasticsearch/OpenSearch
Kibana/OpenSearch Dashboards
Wazuh Agents
Wazuh Server
API
Use Cases
Wazuh's versatile capabilities make it applicable to a wide range of security and compliance use cases:
Endpoint Security Monitoring & Threat Detection
Details
Deploy agents on servers, workstations, and laptops to monitor system calls, file changes, processes, and network connections for malicious activity.
User Value
Provides centralized visibility and enables rapid detection of compromises across all endpoints.
Cloud & Container Security
Details
Monitor security logs and configurations from cloud services (AWS, Azure, GCP), containers (Docker, Kubernetes), and serverless functions.
User Value
Extends security visibility and control into dynamic cloud and container environments.
Recommended Projects
You might be interested in these projects
apachepolaris
Apache Polaris is the interoperable, open source catalog for Apache Iceberg, providing a central metadata service to manage Iceberg tables across various data processing engines.
Java
1558263
apachetika
Apache Tika is a toolkit that detects and extracts metadata and text from over a thousand different file types (such as PPT, XLS, and PDF). It's a powerful content analysis tool.
Java
3013821
curlcurl
curl is a command-line tool and library for transferring data with URL syntax, supporting a vast range of protocols including HTTP, FTP, SCP, and more. It's widely used for fetching data, testing APIs, and automating tasks.
C
382056753