Wazuh Primary Use Case
Our company only has a small five-person team working with Wazuh. We wanted a log management solution that we could deploy onto our cloud, so we deployed Wazuh on Kubernetes and integrated different log sources into a centralized logging solution.
The second use case is log searching. We wanted a usable integrated search, and Wazuh has a good, usable integrated search. Wazuh has support for Elasticsearch, which provides searching capabilities. Cost-effectiveness was important for us, and Wazuh is a top open source solution.
Our main use case for Wazuh is in the healthcare industry, where we deploy it to help companies monitor their products during deployment. However, we also utilize Wazuh for IoT and OT, as well as for endpoint detection and response.
We primarily use Wazuh for internal security monitoring to ensure the safety of our organization's internal systems. We have two specific requirements: first, we use it to monitor our internal operations, which is essential for general security purposes. Second, we rely on Wazuh to manage the security of the National Telecom department's specialized software. This second requirement involves using multiple SOC solutions. However, within our organization, Wazuh's main focus is on monitoring our internal software.
Buyer's Guide
Wazuh
March 2024
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
767,995 professionals have used our research since 2012.
We primarily use the solution as a cybersecurity monitoring solution. It has a powerful endpoint agent and can work as an EDR for endpoint detection and response.
We gather information about the company and identify data sources. We develop a use case around them and have a specified case output. For example, if we want to do hard test or service scans, we gather some event logs from the firewalls, et cetera, and develop some logic. The logic will help us detect anomalies during hard scans. We use Wazuh for log extraction and logic application. It is a general framework.
Rico Agung
Informatics Engineering Lecturer at Innovation Center STMIK AMIKOM
The primary use case for Wazuh is the detection of malware.
Chaitanya Ghate
Principal Architect at Calsoft
Our primary use case for Wazuh is monitoring endpoints. The second is incident management. Logging is essential for us because Indian IT compliance rules require us to store logs for 180 days. We need to monitor and maintain logs also.
Wazuh is monitoring around 1,200 inputs, but there are only about four or five members of the IT team directly using the solution.
We use it as a cost-effective solution for our customers who are in the initial stages of adopting security measures. Many of these customers are new to security practices and are primarily seeking compliance with regulations.
Muhammad Muaaz Bin Zaka
Software Engineer at a computer software company with 1,001-5,000 employees
We are using Wazuh for security information and event management, PCI DSS compliance, auditing, real-time sensitive monitoring, and meeting regulatory requirements.
Wazuh is very good. It offers the ability to measure and benchmark your environment to one of the standards. We installed it on the customer's premises and benchmarked it against CIS controls. We are not in a big environment, and we haven't tested Wazuh for long.
Shivendra S.
Senior Director of Engineering - Information Security at Apna
We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company.
So it can detect more than just games. You can customize it to detect specific software. We have a whitelist of approved software, and Wazuh compares it with the software installed on the device. If there are any mismatches, it reports it to us. So, for instance, we can whitelist Facebook, Blackboard, and YouTube.
I use this product as an integrity marketing solution in the financial sector. We are users of Wazuh and I'm head of information security.
I use Wazuh as an open-source solution for SIEM and file integrity monitoring. I have conducted a few POCs in the bank sectors, as well as demos specifically regarding SIEM.
In Pakistan, we have a state bank that controls the regularities. The banking sector wants to save money and is only interested in compliance. Our company helps them with this. Wazuh is used for file integrity monitoring on Unix, Linux, and Windows systems.
Wazuh is available on the cloud; however, it depends on the customer. I work with the financial sector, which does not want its data to be on a public or private cloud.
The solution can be used for monitoring changes on the endpoint of machines. It focuses mostly on endpoints and the dangers that may come through.
We're using it in our company as well as our customers' companies.
It is usually used for SIM and log collection and licenses.
My company uses Wazuh in our lab environment, where we have 100 endpoints.
We use Wazuh for PCI compliance monitoring. It can detect whether a server or PCA node is PCI compliant.
We wanted a solution as an in-house SIEM tool, which can collect security and order logs for compliance purposes. We tried to explore a lot of tools and considering our budget and use cases, this tool matched our requirements.
We have five to seven users and we will be adding more users.
It is a basic level requirement for the compliance factor. There is regulatory compliance by the regulator called CDDISR, and we need to ensure that all the network's critical components send the logs. Wazuh allows us to complete forensic tasks to track any attacks.
We integrated all of our services and infrastructure in the cloud with Wazuh.
We use the solution for vulnerability metrics, auditing, and detecting SQL injection attacks.
We use the solution for endpoint detection and response. It helps us detect malicious files.
GaryStarling
Vice President Information Technology and Security at a comms service provider with 201-500 employees
Wazuh is used for event information and management. We have several events that are of interest, and Wazuh lets our folks know if any of them trigger.
It is used primarily for event management in our organization, which falls into the category of an edge Intrusion Detection System (IDS) or host Internet protection system. Our company is not very large, with around twenty to thirty servers and approximately one hundred fifty to two hundred endpoints. Wazuh serves as a centralized platform for collecting security events and managing vulnerabilities across your systems. Its main purpose is to analyze and improve the overall security posture of our organization.
We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
We use the solution for event monitoring.
My main use case for Wazuh is checking security events.
We use Wazuh as a SIEM tool for log aggregation and understanding different compliances. If there are vulnerabilities in the operating systems, that can be traced using Wazuh.
reviewer2263155
Lead Security Engineer at a tech services company with 201-500 employees
We use Wazuh as a SIEM instead of Logstash, so it's like a managed version of ELK. We customized queries and search detection according to that. The good thing is that it also provides a module called Monitor, and using that, we set up alerts to Slack or email. Then, based on Slack, we implemented an automation to prevent things as per our demands.
Our primary use case is for monitoring the cloud as well as infrastructure.
We use Wazuh for inventory, logging activity, malware detection, and detecting hidden processes running on the server.
reviewer2301372
Security Analyst at a tech services company with 501-1,000 employees
We use Wazuh to deliver security features in a venture capital company project focused on building a mobile application.
reviewer1804125
Tech Lead Security at a comms service provider with 51-200 employees
We are using Wazuh for our SOC environment. We are managing and monitoring our infrastructure using the Wazuh SIEM.
reviewer1593909
Chief Information Security Officer at a financial services firm with 501-1,000 employees
We collect logs in it, and then we correlate logs against the MITRE ATT&CK framework. We have configured some notifications.
reviewer2342391
Security engineer at a tech services company with 51-200 employees
We use Wazuh for internal testing, instant response, security operations, and compliance.