Wazuh

With Geliştir Cloud Core Panel, you can install the latest version of your Wazuh server within minutes and start using it immediately.

Overview

Wazuh is an open source security monitoring and threat detection platform that provides a SIEM solution for comprehensive security monitoring of modern IT infrastructures. With a unified XDR (Extended Detection and Response) approach, it monitors security events at the network, endpoint, cloud and container levels and performs advanced threat analytics. The platform, which offers enterprise-grade capabilities for SOC analysts, security engineers and DevSecOps teams, was developed as an evolution of OSSEC HIDS.

It provides comprehensive security operations through advanced threat detection, vulnerability assessment, compliance monitoring and incident response automation. It offers multi-layered protection with file integrity monitoring (FIM), rootkit detection, malware identification and behavioral analysis. Ready-to-use rulesets and automated reporting are available for the PCI DSS, GDPR, HIPAA and SOX compliance frameworks, and its cloud-native architecture offers native integrations for AWS, Azure, GCP and Kubernetes environments.

Key Features

1. Unified SIEM and XDR Platform

Centralized log management, real-time event correlation, threat intelligence integration, MITRE ATT&CK framework mapping and security incident workflow automation.

2. Advanced Threat Detection and Response

Machine learning-based anomaly detection, behavioral analysis, IOC matching, automated threat hunting and incident response playbooks. Zero-day attack detection capabilities.

3. Compliance and Vulnerability Management

PCI DSS, GDPR, HIPAA, SOX compliance monitoring, automated vulnerability scanning, configuration assessment and regulatory reporting automation.

4. Cloud-Native and Scalable Architecture

Docker/Kubernetes deployment, AWS/Azure/GCP integrations, elastic scaling, distributed architecture and high availability clustering. API-first design.

Use Cases

1. Enterprise Security Operations (SOC)

SIEM operations, threat hunting, incident response automation, security analytics and 24/7 monitoring capabilities

2. Cloud Security and DevSecOps

Cloud workload protection, container security, CI/CD pipeline security and infrastructure as code security scanning

3. Compliance and Risk Management

Regulatory compliance monitoring, audit trail management, risk assessment automation and compliance reporting

4. Endpoint and Network Protection

Host-based intrusion detection, network monitoring, malware detection and endpoint threat response

System Requirements

Minimum

  • 2 vCPU
  • 4 GB RAM
  • 50 GB Disk

Recommended

  • 8 vCPU
  • 16 GB RAM
  • 500 GB SSD

Quick Info

Category: Monitoring and Management
License: GPL v2
Version: 4.7.0
Difficulty:

24/7 Support

Geliştir Cloud continuously monitors and tracks our services as required.

Get in Touch