Wazuh, Inc.

Wazuh, Inc. delivers an open-source, agent-based security platform that unifies host intrusion detection, log analysis, and compliance auditing across cloud, on-premises, and container environments. The Wazuh Agent continuously collects operating-system and application telemetry—file integrity changes, process starts, listening ports, user logins, cloud API calls, container runtime events—and forwards the data to a central manager that correlates it against built-in rules for attack patterns such as rootkits, brute-force attempts, privilege escalation, and MITRE ATT&CK techniques. Security teams deploy the lightweight agent on Windows, Linux, macOS, or Unix servers, workstations, and Docker/Kubernetes nodes to obtain real-time alerts, generate regulatory reports (PCI-DSS, GDPR, HIPAA, NIST), and trigger automated responses like blocking an IP in the firewall or isolating a compromised endpoint. Typical use cases range from SOC analysts hunting for lateral movement in hybrid clouds to DevOps engineers enforcing CIS benchmarks on CI/CD pipelines, while managed security service providers leverage the multi-tenant architecture to monitor thousands of customer assets from a single console. The publisher’s software is available free of charge on get.nero.com, where downloads are delivered through trusted Windows package sources such as winget, always installing the latest release and supporting batch installation of multiple applications.

Wazuh Agent

Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level.
