How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We wanted a solution as an in-house SIEM tool that can collect security and order logs for compliance purposes. We explored a lot of tools, and considering our budget and use cases, this tool matched our requirements. We have five to seven users, and we will be adding more users.
It is a basic-level requirement for the compliance factor. There is regulatory compliance required by a regulator called CDDISR, and we need to ensure that all of the network's critical components send their logs. Wazuh allows us to complete forensic tasks to track any attacks.
Our primary use case for Wazuh is monitoring endpoints. The second is incident management. Logging is essential for us because Indian IT compliance rules require us to store logs for 180 days. We need to monitor and maintain the logs as well. Wazuh is monitoring around 1,200 inputs, but there are only about four or five members of the IT team directly using the solution.
My main use case for Wazuh is checking security events.
Our company only has a small five-person team working with Wazuh. We wanted a log management solution that we could deploy onto our cloud, so we deployed Wazuh on Kubernetes and integrated different log sources into a centralized logging solution. The second use case is log searching. We wanted a usable integrated search, and Wazuh has a good, usable integrated search. Wazuh has support for Elasticsearch, which provides the searching capabilities. Cost-effectiveness was important for us, and Wazuh is a top open-source solution.
We integrated all of our services and infrastructure in the cloud with Wazuh.
The use case is to obtain security events centrally across multiple servers deployed in the enterprise:
- to understand if any OS-level vulnerabilities are identified and notify relevant teams.
- to identify and obtain reports on PCI DSS posture across multiple servers.
I use Wazuh as an open-source solution for SIEM and file integrity monitoring. I have conducted a few POCs in the banking sector, as well as demos specifically regarding SIEM. In Pakistan, we have a state bank that controls the regulations. The banking sector wants to save money and is only interested in compliance. Our company helps them with this. Wazuh is used for file integrity monitoring on Unix, Linux, and Windows systems. Wazuh is available in the cloud; however, it depends on the customer. I work with the financial sector, which does not want its data to be on a public or private cloud.
Wazuh is used for event information and management. We have several events that are of interest, and Wazuh lets our folks know if any of them trigger.
We are using Wazuh for our SOC environment. We are managing and monitoring our infrastructure using the Wazuh SIEM.
We collect logs in it, and then we correlate logs against the MITRE ATT&CK framework. We have configured some notifications.
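As an added example that is not part of any reviewer's text and is not the Wazuh project's own code, the following Python script shows one way to act on the MITRE ATT&CK correlation described above: it reads alerts in the JSON-lines format the Wazuh manager writes to alerts.json (where a rule tagged with a technique carries `rule.mitre.id`, `rule.mitre.tactic` and `rule.mitre.technique` arrays), keeps the alerts that carry an ATT&CK tag at or above a chosen level, optionally narrows them to a watch-list of technique IDs, and renders a notification line per alert. The three alert lines, their rule numbers and the agent names are constructed for this example and are not real alerts.

```python
"""Filter Wazuh alerts by MITRE ATT&CK technique and build notifications.

Added example (not the reviewers' or the Wazuh project's code). It assumes the
JSON-lines alert format of /var/ossec/logs/alerts/alerts.json, in which a rule
that carries a MITRE tag has rule.mitre.id / .tactic / .technique arrays.
"""
import json
from collections import Counter

# Constructed sample of three alerts.json lines (illustrative, not real data).
SAMPLE_ALERTS = """
{"timestamp":"2024-01-01T10:00:00.000+0000","rule":{"level":10,"description":"sshd: brute force trying to get access to the system.","id":"5712","mitre":{"id":["T1110"],"tactic":["Credential Access"],"technique":["Brute Force"]}},"agent":{"id":"001","name":"web-01"},"data":{"srcip":"203.0.113.5"}}
{"timestamp":"2024-01-01T10:00:05.000+0000","rule":{"level":3,"description":"Login session opened.","id":"5501"},"agent":{"id":"001","name":"web-01"}}
{"timestamp":"2024-01-01T10:01:00.000+0000","rule":{"level":7,"description":"File added to the system.","id":"554","mitre":{"id":["T1565.001"],"tactic":["Impact"],"technique":["Stored Data Manipulation"]}},"agent":{"id":"002","name":"db-01"},"syscheck":{"path":"/etc/cron.d/suspicious"}}
"""


def parse_alerts(text):
    """Parse JSON-lines alert text; a partially written (unparsable) line is skipped."""
    alerts = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            alerts.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return alerts


def mitre_ids(alert):
    """Return the ATT&CK technique IDs attached to an alert's rule (empty if untagged)."""
    return list(alert.get("rule", {}).get("mitre", {}).get("id", []))


def select_alerts(alerts, min_level=7, techniques=None):
    """Keep alerts that carry an ATT&CK tag, reach min_level and (if given) hit the watch-list.

    Alerts without a MITRE tag cannot be correlated to a technique and are dropped.
    """
    watch = set(techniques) if techniques else None
    selected = []
    for alert in alerts:
        ids = mitre_ids(alert)
        if not ids:
            continue
        if alert.get("rule", {}).get("level", 0) < min_level:
            continue
        if watch is not None and not watch.intersection(ids):
            continue
        selected.append(alert)
    return selected


def technique_counts(alerts):
    """Count how often each technique ID appears, for a quick coverage view."""
    counts = Counter()
    for alert in alerts:
        for technique in mitre_ids(alert):
            counts[technique] += 1
    return counts


def format_notification(alert):
    """Render one alert as a single notification line (e.g. for a chat webhook)."""
    rule = alert["rule"]
    mitre = rule.get("mitre", {})
    return (
        f"[level {rule['level']}] {alert['agent']['name']}: {rule['description']} "
        f"(rule {rule['id']}; ATT&CK {', '.join(mitre.get('id', []))} / "
        f"{', '.join(mitre.get('tactic', []))})"
    )


if __name__ == "__main__":
    parsed = parse_alerts(SAMPLE_ALERTS)
    for hit in select_alerts(parsed, min_level=7):
        print(format_notification(hit))
    print(dict(technique_counts(parsed)))
```

To run it against a live manager, replace `SAMPLE_ALERTS` with the contents of alerts.json (or tail it and feed one line at a time to `parse_alerts`); the level threshold and watch-list are the two knobs that decide what becomes a notification rather than just an indexed event.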