BSidesChicago 2017 has ended
Saturday, July 15 • 9:00am - 12:00pm
Wazuh – Open Source Security for Host and Infrastructure Monitoring

Host-based security monitoring has become increasingly important as the number and severity of threats keep growing. In addition, network security monitoring tools are now harder to deploy, and not as efficient as they used to be.

Another driver for the adoption of host-based monitoring tools is the increased need to comply with security regulations (e.g. PCI DSS).

Wazuh started as a fork of the OSSEC project, and has quickly evolved into a more comprehensive solution. It now integrates OpenSCAP and the Elastic Stack, providing additional security monitoring and analysis capabilities.

In this session we will show you how to deploy and use Wazuh to:

  • Detect intrusion attempts using rules to automatically analyze log data
  • Monitor file integrity, detecting changes in system binaries or configuration files
  • Index and store log data with Elasticsearch to meet PCI DSS compliance requirements
  • Identify malware (e.g. kernel-level rootkits) and system anomalies
  • Monitor system configuration to ensure it meets standards and hardening guides


Santiago Bassett

Santiago is the founder of Wazuh, and is known for his contributions to the OSSIM (Open Source Security Information Management) and OSSEC projects. He has over 15 years of experience in IT Security, covering advanced network security implementations with Open Source technologies. His...

Saturday July 15, 2017 9:00am - 12:00pm CDT