NETWORK SECURITY MONITORING
Wazuh
Customize and automate network security checks, anomaly and malware detection, countermeasure response, and more with Wazuh.
Comprehensive Protection
Wazuh provides out-of-the-box monitoring for configuration assessment, malware detection, file integrity monitoring, threat hunting, log data analysis, vulnerability detection, incident response, regulatory compliance, IT hygiene, and more.
Customizable Checks
Wazuh allows users to customize various security checks for system and application misconfiguration, malicious activities and indicators of compromise from malware infection, and more.
Automation
Wazuh automates security processes to provide 24/7 monitoring, preventive actions, and countermeasure response to threats, allowing Fognigma users to focus on operations.
Incident Response
When certain criteria are met, Wazuh performs out-of-the-box countermeasure responses, such as blocking network access to endpoints from the source of the threat.
Customize and Automate Network Security and Countermeasures
Incorporating Wazuh into Fognigma Networks brings comprehensive, customizable, automated intrusion detection, protection, and crisis response to further protect networks and resources, allowing rapid response in the event of hostile activity.
WAZUH IN ACTION
Scenario: Crisis Response
An organization is completing an operation in hostile territory with extensive monitoring, and the nature of the mission requires close collaboration with local parties with limited trust. To help mitigate internal and external threats, Wazuh is deployed into the mission network.
From the FOGNIGMA interface, an administrator deploys a communication and collaboration network with a Wazuh server to monitor a server, file server, and other network endpoints.
During the operation, Wazuh detects unusual activity from a remote source (Bravo) attempting to gain unwanted access to the virtual machine hosting the file server.
In response to the threat, Wazuh blocks the suspicious endpoint (Bravo) automatically. To help ensure the safety of the operation moving forward, the administrator automates Fognigma to migrate the network to different virtual machines and IPs.