Wazuh is an open-source Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) platform. It provides comprehensive security monitoring for endpoints, servers, and cloud workloads with threat detection, incident response, and compliance capabilities.
- Current stable: 4.14.3 (February 2026)
- Intrusion detection: File integrity monitoring and log analysis
- Threat detection: Behavioral analysis and threat intelligence
- Vulnerability detection: Automated vulnerability assessment
- Incident response: Automated response capabilities
- Compliance: PCI DSS, HIPAA, GDPR, and more
- Cloud security: AWS, Azure, GCP integration
- Security monitoring and SIEM
- Endpoint detection and response (EDR)
- Compliance monitoring and reporting
- Threat hunting and incident response
- Cloud security monitoring
- Manager: C, Python
- Agent: C
- Dashboard: TypeScript, React (OpenSearch Dashboards)
- Indexer: Java (OpenSearch)
- Open-source and self-hosted
- Wazuh Cloud managed service available
- Built on OpenSearch stack
History and References