Endpoint Security
SCA, Malware & FIM
Configuration Assessment
Security Configuration Assessment (SCA) involves assessing system settings and configurations to ensure they comply with security best practices and standards.
Wazuh has an SCA module that identifies misconfigurations and vulnerabilities on monitored endpoints. This capability helps you manage your attack surface efficiently to improve your security posture.
Take the first step in system hardening by using our Security Configuration Assessment capability to check for exposures and misconfigurations in your endpoints.

Advantages of Wazuh SCA

Vulnerability Detection

Integrated Compliance Management

System Hardening

Continuous Monitoring

Extensive Configuration Checks

Reporting and Analysis
Malware Detection
Malware detection comprises strategies and tools to detect malware threats.
The Wazuh SIEM and XDR platform uses several advanced malware detection techniques for a wide range of malware, including ransomware, rootkits, spyware, adware, trojans, viruses, and worms.
Leverage the following Wazuh malware detection capabilities to secure your IT assets.

Malware Detection for IT Security

Real-time cross-platform protection

Ransomware protection

Rootkit detection

Extensible Integrations for Malware Detection

Advanced Rulesets and Decoders

Correlate and Visualize Information from Various Sources
Malware Detection Techniques

File Integrity Monitoring and Threat Detection Rules

Rootkits Behavior Detection

CDB Lists and Threat Intelligence

VirusTotal integration

File Integrity Monitoring and YARA

ClamAV logs collection

Custom Rules to Detect Malware IOC

Windows Defender logs collection
File Integrity Monitoring
The Wazuh File Integrity Monitoring (FIM) module monitors and alerts on changes to critical files and directories.
This module helps organizations meet compliance requirements and quickly detect file changes that indicate a compromise or cyberattack.

Features

Real-time monitoring

Security breach detection

Regulatory compliance

Centralized management

Scalability

Cross-platform support