Vulnerabilities are security flaws in computer systems that threat actors can exploit to gain unauthorized access to these systems. After exploitation, malware and threat actors may be able to perform remote code execution, exfiltrate data, and carry out other malicious activities. Therefore, organizations must have strategies or security solutions that promptly detect vulnerabilities in their network before bad actors exploit them. Prompt detection and remediation of vulnerabilities in a network help to strengthen its overall security posture.
The Wazuh Vulnerability Detector module helps users discover vulnerabilities in the operating system and applications installed on the monitored endpoints. The module functions using Wazuh native integration with external vulnerability feeds indexed by Canonical, Debian, Red Hat, Arch Linux, Amazon Linux Advisories Security (ALAS), Microsoft, and the National Vulnerability Database (NVD).
- How it works
- Scan types
- Configuring and running scans
- Scanning unsupported systems
- Scanning Windows applications using CPE Helper
- Offline Update
- Querying the vulnerability database