WAZUH AS AN ALTERNATIVE SIEM OPEN SOURCE

Authors

  • Clifford Felipe Poblete
  • Esteban Oyarzún Sagredo

Keywords:

SIEM, cybersecurity, law, framework, cyber threats.

Abstract

This article examines the urgency of implementing cybersecurity systems in organizations to protect their critical data and processes from constant cyber threats. In a digitalized and connected environment, information security becomes an essential priority. The Cybersecurity Framework Law number 21,663, recently enacted in Chile, establishes principles to increase security in cyberspace, especially in computer networks and systems that hold sensitive data, such as those of essential organizations. The implementation of SIEM systems, such as Wazuh, is presented as a solution to comply with these legal provisions and strengthen cybersecurity in Chilean public organizations. The methodology is documentary, following Santa Palella and Feliberto Martins (2006); the population is documentary, following Fidias G. Arias (2012); and the technique is observation, following Balestrini Acuña (2002). In conclusion, Wazuh achieves effective centralization of logs from endpoints with integrated agents, which facilitates real-time monitoring and detection of threats and improves the ability to respond to possible incidents or attacks. This alternative allows complete monitoring of network activity and timely detection of anomalies. In addition, the study shows that the impact is not only at the cybersecurity level but also legal and economic: strengthening an organization's security with open source platforms reduces spending while complying with new legal requirements such as the Framework Law.

Author Biographies

Clifford Felipe Poblete

Felipe Poblete Clifford

fpobleteclifford@gmail.com

 

Esteban Oyarzún Sagredo

estebanoyarzun1@gmail.com