Wazuh Primary Use Case

Vikrant Puranik - PeerSpot reviewer
Manager Cloud Security Operations at TraceLink, Inc.

Our company only has a small five-person team working with Wazuh. We wanted a log management solution that we could deploy onto our cloud, so we deployed Wazuh on Kubernetes and integrated different log sources into a centralized logging solution.

The second use case is log searching. We wanted a usable integrated search, and Wazuh has a good, usable integrated search. Wazuh has support for Elasticsearch, which provides searching capabilities. Cost-effectiveness was important for us, and Wazuh is a top open source solution.

AKASH MAJUMDER - PeerSpot reviewer
SOC Analyst at Ovelosec

Our main use case for Wazuh is in the healthcare industry, where we deploy it to help companies monitor their products during deployment. However, we also utilize Wazuh for IoT and OT, as well as for endpoint detection and response.

SyedAli17 - PeerSpot reviewer
Confidential at PTA

We primarily use Wazuh for internal security monitoring to ensure the safety of our organization's internal systems. We have two specific requirements: first, we use it to monitor our internal operations, which is essential for general security purposes. Second, we rely on Wazuh to manage the security of the National Telecom department's specialized software. This second requirement involves using multiple SOC solutions. However, within our organization, Wazuh's main focus is on monitoring our internal software.

Buyer's Guide
Wazuh
March 2024
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
767,995 professionals have used our research since 2012.
AliAhangari - PeerSpot reviewer
Founder and CTO at Soorin

We primarily use the solution as a cybersecurity monitoring solution. It has a powerful endpoint agent and can work as an EDR for endpoint detection and response. 

We gather information about the company and identify data sources. We develop a use case around them and have a specified case output. For example, if we want to do hard test or service scans, we gather some event logs from the firewalls, et cetera, and develop some logic. The logic will help us detect anomalies during hard scans. We use Wazuh for log extraction and logic application. It is a general framework. 

RA
Informatics Engineering Lecturer at Innovation Center STMIK AMIKOM

The primary use case for Wazuh is the detection of malware.

CG
Principal Architect at Calsoft

Our primary use case for Wazuh is monitoring endpoints. The second is incident management. Logging is essential for us because Indian IT compliance rules require us to store logs for 180 days. We need to monitor and maintain logs also.

Wazuh is monitoring around 1,200 inputs, but there are only about four or five members of the IT team directly using the solution. 

David Arianto - PeerSpot reviewer
Chief Operating Officer at PT. Visionet Data Internasional

We use it as a cost-effective solution for our customers who are in the initial stages of adopting security measures. Many of these customers are new to security practices and are primarily seeking compliance with regulations.

MB
Software Engineer at a computer software company with 1,001-5,000 employees

We are using Wazuh for security information and event management, PCI DSS compliance, auditing, real-time sensitive monitoring, and meeting regulatory requirements.

Idris Aliyu - PeerSpot reviewer
Senior Systems Engineer at an insurance company with 201-500 employees

Wazuh is very good. It offers the ability to measure and benchmark your environment to one of the standards. We installed it on the customer's premises and benchmarked it against CIS controls. We are not in a big environment, and we haven't tested Wazuh for long.

SS
Senior Director of Engineering - Information Security at Apna

We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company. 

So it can detect more than just games. You can customize it to detect specific software. We have a whitelist of approved software, and Wazuh compares it with the software installed on the device. If there are any mismatches, it reports it to us. So, for instance, we can whitelist Facebook, Blackboard, and YouTube.

Rizwan-Alam - PeerSpot reviewer
Head Information Security at Akhtar Fuiou Technologies

I use this product as an integrity marketing solution in the financial sector. We are users of Wazuh and I'm head of information security. 

Wajih Ul Hasan - PeerSpot reviewer
Cyber Security Engineer at Digit Labs

I use Wazuh as an open-source solution for SIEM and file integrity monitoring. I have conducted a few POCs in the bank sectors, as well as demos specifically regarding SIEM. 

In Pakistan, we have a state bank that controls the regularities. The banking sector wants to save money and is only interested in compliance. Our company helps them with this. Wazuh is used for file integrity monitoring on Unix, Linux, and Windows systems.

Wazuh is available on the cloud; however, it depends on the customer. I work with the financial sector, which does not want its data to be on a public or private cloud.

Robert Cheruiyot - PeerSpot reviewer
IT Security Consultant at Microlan Kenya Limited

The solution can be used for monitoring changes on the endpoint of machines. It focuses mostly on endpoints and the dangers that may come through. 

Sulabh Khanal - PeerSpot reviewer
Head of DevSecOps at Vairav Technology

We're using it in our company as well as our customers' companies.

It is usually used for SIM and log collection and licenses.

PrzemekAndula - PeerSpot reviewer
Cybersecurity specialist at a manufacturing company with 51-200 employees

My company uses Wazuh in our lab environment, where we have 100 endpoints.

Gopinath Ravirajan - PeerSpot reviewer
IT Lead at a financial services firm with 51-200 employees

We use Wazuh for PCI compliance monitoring. It can detect whether a server or PCA node is PCI compliant.

Vijay Muddu - PeerSpot reviewer
Manager server admin and security at Vivaconnect

We wanted a solution as an in-house SIEM tool, which can collect security and order logs for compliance purposes. We tried to explore a lot of tools, and considering our budget and use cases, this tool matched our requirements.

We have five to seven users and we will be adding more users.

SHEERAZ AHMED - PeerSpot reviewer
Managing Director at SharpTel

It is a basic level requirement for the compliance factor. There is regulatory compliance by the regulator called CDDISR, and we need to ensure that all the network's critical components send the logs. Wazuh allows us to complete forensic tasks to track any attacks.

Dr. Sushan Banerjee - PeerSpot reviewer
GISO - Global Information Security Officer at Beyon Connect

We integrated all of our services and infrastructure in the cloud with Wazuh.

Chetan_Sharma - PeerSpot reviewer
Linux System Administrator at Amity Software Systems Limited

We use the solution for vulnerability metrics, auditing, and detecting SQL injection attacks.

Youssef EL AZZOUZI - PeerSpot reviewer
Intern Master in Cybersecurity and Cybercrime at Université Abdelmalek Essaâdi

We use the solution for endpoint detection and response. It helps us detect malicious files.

GS
Vice President Information Technology and Security at a comms service provider with 201-500 employees

Wazuh is used for event information and management. We have several events that are of interest, and Wazuh lets our folks know if any of them trigger.

Usman Arif - PeerSpot reviewer
Cyber Security Engineer at Ebryx (Pvt.) Ltd

It is used primarily for event management in our organization, which falls into the category of an edge Intrusion Detection System (IDS) or host Internet protection system. Our company is not very large, with around twenty to thirty servers and approximately one hundred fifty to two hundred endpoints. Wazuh serves as a centralized platform for collecting security events and managing vulnerabilities across your systems. Its main purpose is to analyze and improve the overall security posture of our organization.

Md Salim Hossain Hossain - PeerSpot reviewer
Cyber Digital Transformation Engineer at OneWorldInfoTech

We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.

Haad Fida - PeerSpot reviewer
Software Engineer at 7Vals

We use the solution for event monitoring.

Maikel Richard Villar Rodriguez - PeerSpot reviewer
Cybersecurity supervisor at Optical Network

My main use case for Wazuh is checking security events.

Shaamil Ashraff - PeerSpot reviewer
Architect - Database Administration at Mitra Innovation

We use Wazuh as a SIEM tool for log aggregation and understanding different compliances. If there are vulnerabilities in the operating systems, that can be traced using Wazuh.

MU
Lead Security Engineer at a tech services company with 201-500 employees

We use Wazuh as a SIEM instead of Logstash, so it's like a managed version of ELK. We customized queries and search detection according to that. The good thing is that it also provides a module called Monitor, and using that, we set up alerts to Slack or email. Then, based on Slack, we implemented an automation to prevent things as per our demands.

ShubhamKumar - PeerSpot reviewer
Project Lead at a tech services company with 51-200 employees

Our primary use case is for monitoring the cloud as well as infrastructure.

Pathick Kerketta - PeerSpot reviewer
Manager (Information Security) at Girnarsoft Private Limited

We use Wazuh for inventory, logging activity, malware detection, and detecting hidden processes running on the server. 

OP
Security Analyst at a tech services company with 501-1,000 employees

We use Wazuh to deliver security features in a venture capital company project focused on building a mobile application.

RS
Tech Lead Security at a comms service provider with 51-200 employees

We are using Wazuh for our SOC environment. We are managing and monitoring our infrastructure using the Wazuh SIEM.

SP
Chief Information Security Officer at a financial services firm with 501-1,000 employees

We collect logs in it, and then we correlate logs against the MITRE ATT&CK framework. We have configured some notifications.

VS
Security engineer at a tech services company with 51-200 employees

We use Wazuh for internal testing, instant response, security operations, and compliance.
