// arsenal·Blue TeamIntermediateFOSS

Wazuh

Open-source XDR + SIEM platform — OSSEC fork with modern dashboards.

Blue Team

$ wazuh --help

Wazuh

// what it is

Description

Free, open-source security platform combining HIDS, SIEM, log analysis, and compliance reporting. The default 'open-source SOC' build for cost-conscious teams.

// use cases

What people use it for

Open-source SOC platform
Endpoint detection and response on a budget

// commands

The commands you'll type

Install via Docker

$ docker-compose -f wazuh-docker/single-node/docker-compose.yml up

// facts

category: Blue Team
platforms: LIN · WIN · MAC
license: FOSS
difficulty: Intermediate

// links

// related in Blue Team

Blue TeamIntermediate

Snort

The original open-source network intrusion detection system.

FOSS

LIN·WIN·MAC

open entry →

Blue TeamIntermediate

Suricata

OISF's multi-threaded NIDS — modern Snort-rule-compatible alternative.

FOSS

LIN·WIN·MAC

open entry →

Blue TeamIntermediate

TheHive

Open-source security incident response platform — case management for the SOC.

FOSS

LIN

open entry →