WAZUH

Wazuh is a free, open-source Endpoint Detection and Response (EDR) solution that can be deployed at any scale. It uses a manager-agent model, where a central manager oversees agents installed on monitored devices. Wazuh helps detect security threats by:

  • Auditing devices for vulnerabilities

  • Monitoring suspicious activity (e.g., unauthorized logins, brute-force attacks, privilege escalations)

  • Visualizing security data through graphs

  • Detecting anomalies by recording normal device behavior
