Wazuh is a free and open source security platform that unifies XDR and SIEM protection for endpoints and cloud workloads.
Maltiverse provides a cyber threat intelligence API that supplies information about threats and their potential indicators of compromise (IoCs). This new integration improves the ability of security teams to gain valuable insights about potential threats within their environment.
This integration identifies IoCs in Wazuh alerts via the Maltiverse API. It generates new alerts enriched with Maltiverse data. The Maltiverse data fields are based on the threat taxonomy of the ECS standard (Elastic Common Schema). To set up this integration, do the following clicking on Integrate.