Wazuh SIEM


Group Members
Shahzad Haider (20SW067)
Eid Muhammad (20SW009)
Ali Raza (20SW007)
Ammar Raza (20SW039)
Mahmood Rasheed (20SW047)

What is SIEM?
SIEM (Security Information and Event Management) software centrally collects, stores, and analyzes logs from the perimeter to the end user. It helps in monitoring security threats in real time for quick attack detection, containment, and response with holistic security reporting and compliance management.

What is Wazuh?

Wazuh is a free and open-source security platform that unifies XDR and SIEM capabilities. It aims to protect workloads across on-premises, virtualized, containerized, and cloud-based environments.

Wazuh Features
• Intrusion detection (Wazuh agents scan the monitored systems looking for malware, rootkits, and suspicious anomalies).
• Log data analysis.
• File integrity monitoring.
• Vulnerability detection.
• Configuration assessment.
• Incident response.
• Regulatory compliance.
• Cloud security.

Components of Wazuh
Wazuh consists of the following components:

• Wazuh agent
Cross-platform endpoint security agent that is installed on the system / host you would like to monitor.

• Wazuh server
Analyzes the data received from the Wazuh agents, processes this data, and matches it against rule sets to identify indicators of compromise (IOCs).

• Elastic Stack
Displays and indexes the alerts generated by the Wazuh server and provides users with robust data visualization and analysis functionality.

DEPLOYING WAZUH

• Wazuh can be deployed in two ways:

1. All-in-one – The Wazuh server and ELK stack are installed and configured on the same system.
2. Distributed – Each component is set up on a separate server. This is typically suitable for larger environments for the purpose of scalability.

• Wazuh agents are lightweight, cross-platform agents that are used for endpoint security and connect to the Wazuh server.

Thank You
