Bump Wazuh and platform versions for v4.4.5 #5639

Merged
merged 5 commits into from
Jul 7, 2023
6 changes: 6 additions & 0 deletions CHANGELOG.md
Expand Up @@ -2,6 +2,12 @@

All notable changes to the Wazuh app project will be documented in this file.

## Wazuh v4.4.5 - OpenSearch Dashboards 2.6.0 - Revision 01

### Added

- Support for Wazuh 4.4.5

## Wazuh v4.4.4 - OpenSearch Dashboards 2.6.0 - Revision 01

### Added
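Review bot: The PR title says "Bump Wazuh and platform versions", but the new heading "## Wazuh v4.4.5 - OpenSearch Dashboards 2.6.0 - Revision 01" keeps the same OpenSearch Dashboards 2.6.0 as the 4.4.4 entry right below it, and no other hunk in this diff changes a platform version. If the platform is unchanged for 4.4.5, consider retitling the PR so it does not imply a platform bump; if a platform change was intended, this heading needs updating.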
56 changes: 28 additions & 28 deletions README.md
Expand Up @@ -16,31 +16,31 @@ You can learn more about it here [wazuh.com](https://wazuh.com/)
This plugin for OpenSearch Dashboards allows you to visualize and analyze Wazuh alerts stored in OpenSearch and provides the following capabilities:

- Search alerts classified by modules and filter them using the different views. You will be able to explore the alerts both at Wazuh cluster level, and in a particular agent. The modules, divided into the following use cases, are:
- Security Information Management
- Security events: Browse through your security alerts, identifying issues and threats in your environment.
- Integrity monitoring: Alerts related to file changes, including permissions, content, ownership and attributes.
- Amazon AWS: Security events related to your Amazon AWS services, collected directly via AWS API.
- Office 365: Security events related to your Office 365 services.
- GitHub: Security events related to your GitHub organizations, collected via GitHub audit logs API.
- Google Cloud Platform: Security events related to your Google Cloud Platform services, collected directly via GCP API.
- Auditing and Policy Monitoring
- Policy monitoring: Verify that your systems are configured according to your security policies baseline.
- Security configuration assessment: Scan your assets as part of a configuration assessment audit.
- System auditing: Audit users behavior, monitoring command execution and alerting on access to critical files.
- OpenSCAP: Configuration assessment and automation of compliance monitoring using SCAP checks.
- CIS-CAT: Configuration assessment using Center of Internet Security scanner and SCAP checks.
- Threat Detection and Response
- Vulnerabilities: Discover what applications in your environment are affected by well-known vulnerabilities.
- MITRE ATT&CK: Security events from the knowledge base of adversary tactics and techniques based on real-world observations.
- VirusTotal: Alerts resulting from VirusTotal analysis of suspicious files via an integration with their API.
- Osquery: Osquery can be used to expose an operating system as a high-performance relational database.
- Docker listener: Monitor and collect the activity from Docker containers such as creation, running, starting, stopping or pausing events.
- Regulatory Compliance
- PCI DSS: Global security standard for entities that process, store or transmit payment cardholder data.
- NIST 800-53: National Institute of Standards and Technology Special Publication 800-53 (NIST 800-53) sets guidelines for federal information systems.
- GDPR: General Data Protection Regulation (GDPR) sets guidelines for processing of personal data.
- HIPAA: Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides data privacy and security provisions for safeguarding medical information.
- TSC: Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.
- Security Information Management
- Security events: Browse through your security alerts, identifying issues and threats in your environment.
- Integrity monitoring: Alerts related to file changes, including permissions, content, ownership and attributes.
- Amazon AWS: Security events related to your Amazon AWS services, collected directly via AWS API.
- Office 365: Security events related to your Office 365 services.
- GitHub: Security events related to your GitHub organizations, collected via GitHub audit logs API.
- Google Cloud Platform: Security events related to your Google Cloud Platform services, collected directly via GCP API.
- Auditing and Policy Monitoring
- Policy monitoring: Verify that your systems are configured according to your security policies baseline.
- Security configuration assessment: Scan your assets as part of a configuration assessment audit.
- System auditing: Audit users behavior, monitoring command execution and alerting on access to critical files.
- OpenSCAP: Configuration assessment and automation of compliance monitoring using SCAP checks.
- CIS-CAT: Configuration assessment using Center of Internet Security scanner and SCAP checks.
- Threat Detection and Response
- Vulnerabilities: Discover what applications in your environment are affected by well-known vulnerabilities.
- MITRE ATT&CK: Security events from the knowledge base of adversary tactics and techniques based on real-world observations.
- VirusTotal: Alerts resulting from VirusTotal analysis of suspicious files via an integration with their API.
- Osquery: Osquery can be used to expose an operating system as a high-performance relational database.
- Docker listener: Monitor and collect the activity from Docker containers such as creation, running, starting, stopping or pausing events.
- Regulatory Compliance
- PCI DSS: Global security standard for entities that process, store or transmit payment cardholder data.
- NIST 800-53: National Institute of Standards and Technology Special Publication 800-53 (NIST 800-53) sets guidelines for federal information systems.
- GDPR: General Data Protection Regulation (GDPR) sets guidelines for processing of personal data.
- HIPAA: Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides data privacy and security provisions for safeguarding medical information.
- TSC: Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.
- View and edit the Wazuh manager configuration.
- Manage your ruleset (rules, decoders and CDB lists).
- Manage your groups of agents.
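Review bot: The 25 module list lines from "Security Information Management" through "TSC: ..." are removed and re-added in this hunk with no visible change to their text, which points to an indentation or whitespace rewrite riding along with the version bump. That accounts for 25 of the 28 additions and deletions reported for README.md and buries the three lines that matter, the Requisites versions. Suggest reverting the whitespace change here or moving it to its own commit, so the release bump touches version strings only.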
Expand Down Expand Up @@ -89,9 +89,9 @@ This plugin for OpenSearch Dashboards allows you to visualize and analyze Wazuh

## Requisites

- Wazuh HIDS 4.4.4
- Wazuh dashboard 4.4.4
- Wazuh indexer 4.4.4
- Wazuh HIDS 4.4.5
- Wazuh dashboard 4.4.5
- Wazuh indexer 4.4.5

## Contribute

2 changes: 1 addition & 1 deletion opensearch_dashboards.json
@@ -1,6 +1,6 @@
{
"id": "wazuh",
"version": "4.4.4-01",
"version": "4.4.5-01",
"opensearchDashboardsVersion": "opensearchDashboards",
"configPath": [
"wazuh"
2 changes: 1 addition & 1 deletion package.json
@@ -1,6 +1,6 @@
{
"name": "wazuh",
"version": "4.4.4",
"version": "4.4.5",
"revision": "01",
"stage": "stable",
"commit": "0e7201ff8",
2 changes: 1 addition & 1 deletion scripts/tag.py
Expand Up @@ -15,7 +15,7 @@
# ======================================================= #

# Wazuh version: major.minor.patch
version = '4.4.4'
version = '4.4.5'
# App's revision number (previous rev + 1)
revision = '01'
# One of 'pre-alpha', 'alpha', 'beta', 'release-candidate', 'stable'
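Review bot: The release version is edited by hand inside the script at `version = '4.4.5'`, and the same string is also hand-edited in opensearch_dashboards.json, package.json and the README Requisites list in this PR. Suggest passing version and revision as command-line arguments, or reading them from package.json, so a bump is one change in one place and the copies cannot drift apart.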