Visualization and dashboard

Wazuh offers a web dashboard for data visualization and analysis. The Wazuh dashboard comes with out-of-the-box modules for threat hunting, compliance, detected vulnerable applications, file integrity monitoring data, configuration assessment results, and cloud infrastructure monitoring. It’s useful for performing forensic and historical alert analysis.

The Wazuh dashboard assists in meeting the following HIPAA section:

  • Security Management Process §164.308(a)(1) - Information System Activity Review: “Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.”

This section of the HIPAA standard requires reviewing the activities performed on endpoints that handle health data regularly. This is to detect malicious behavior or security violations.

Use case: Review HIPAA security alerts

Wazuh generates alerts when there are violations of the HIPAA sections. The Wazuh dashboard is used to review events and alerts generated by suspicious activities.

The Wazuh dashboard comes with a dedicated module to track HIPAA related events.

When you choose the HIPAA module, you can see all alerts related to the HIPAA standard:

Additionally, the Controls section of the HIPAA compliance dashboard shows the various HIPAA related events. For ease of navigation, the Wazuh dashboard groups events according to the HIPAA section they meet or violate.

On the Wazuh dashboard, each HIPAA section has an information area. This area details the goals of the section, its description, and related events on the monitored endpoints.