Wazuh vs Open EDR
-
Good afternoon ITpro.tv:
I would like to ask a question. I know that Wazuh is used as a SIEM server while Open EDR is more about threat detection and prevention. I would like to know if Open EDR also has the capabilities of a SIEM, or would it be good to experiment with both as explained by Loury.
Thanks
Victor -
Hey @Victor-Rosa
From what I can tell OpenEDR is only an EDR solution. Most EDR solutions will integrate with SIEMs via API or connectors, so it's not out of the realm of possibility that you could hook OpenEDR to an open-source SIEM like OSSIM, ELK, or others.
I hope that helps,
Daniel -
Thanks @daniel-lowrie87. It is going to be very interesting to play with both and learn from them. You are a great instructor, and please keep up the cybersecurity webinars. They are super entertaining.
-
Thanks @Victor-Rosa !!!
I appreciate the compliments and I'm glad to hear that you're enjoying my training :)