Path: blob/main/website/content/en/status/report-2024-10-2024-12/wazuh.adoc
18097 views
=== Wazuh on FreeBSD Links: + link:https://www.wazuh.com/[Wazuh] URL: link:https://www.wazuh.com/[] + Contact: José Alonso Cárdenas Márquez <[email protected]> Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. Besides, Wazuh has been fully integrated with the Elastic Stack or OpenSearch Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts. After a long break, ports has been updated to include Wazuh version 4.9.2. This version of Wazuh uses Python 3.11 instead of 3.10, and it includes some new features: * support to get ports info, * support to get processes info, * improved memory info, * FreeBSD decoder and rule files, and * link:https://github.com/alonsobsd/wazuh-freebsd[FreeBSD Security Configuration Assessment files] for 13.x, 14.x and 15-CURRENT. Also, FreeBSD ports include a custom version of wazuh-dashboard-plugins for a better integration with FreeBSD. Wazuh can easily be installed in a jail by following the link:https://github.com/AppJail-makejails/wazuh[Wazuh AppJail-Makejails] tutorial. Anyone interested in helping with the project or interested in aarch64 device donation for testing/packaging is welcome. Current version: 4.9.2 TODO * Add Wazuh cluster-mode infrastructure AppJail makejails * Add vulnerability detection support to FreeBSD Wazuh agent * Add FreeBSD as officially supported platform by Wazuh Inc * Update FreeBSD SCA Policies to new FreeBSD CIS Benchmark