Wazuh
Open security platform combining SIEM, XDR, file integrity monitoring, and compliance checks across endpoints and cloud.
Why it is included
Widely deployed OSS stack for centralized detection and posture reporting, with a clear agent–manager model and active releases.
Best for
Security and platform teams needing log analysis, FIM, and vulnerability workflows without proprietary SIEM lock-in.
Strengths
- Unified SIEM/XDR narrative on open code
- Large ruleset and community content
- Elastic/OpenSearch integration path
Limitations
- Requires operational depth: rules and retention must be tuned for your scale
Good alternatives
OSSEC (heritage) · Elastic SIEM (commercial stack)
Related tools
- Zabbix (Monitoring & Observability): Enterprise monitoring for networks, servers, clouds, and applications with alerting.
- Prometheus (Monitoring & Observability): Time-series metrics and alerting with PromQL.
- Lynis (Security & Privacy): Host-based security auditing for Unix: misconfigurations, packages, SSH, kernel hardening hints.
- Syft (Security & Privacy): CLI and library for generating SBOMs (SPDX, CycloneDX) from images, directories, and archives.
- osquery (Security & Privacy): Expose OS state as SQL tables—processes, sockets, users, browser extensions—for fleet visibility and compliance.
- Greenbone Community Edition (OpenVAS) (Security & Privacy): Full vulnerability management stack: OpenVAS scanner, Greenbone Vulnerability Manager, feeds, and web UI for scan management.
