The new Wazuh 4.11.0 version introduces significant improvements that enhance security levels and optimize system performance. This update features an improved vulnerability detection process based on the CVE Numbering Authority (CNA) and updates the base operating system in Wazuh AMI and OVA images.
Additionally, the Syscollector module has been enhanced to provide more accurate system inventory reports, enabling better asset management. Improvements have also been made to the FIM and SCA decoders, along with enhanced event processing for the AWS Custom Logs Buckets module.
To round off these enhancements, the Wazuh Dashboard has been redesigned to offer a more intuitive and efficient visual experience.
What's New in Wazuh 4.11.0: Key Improvements You Need to Know
The latest version of Wazuh, 4.11.0, has arrived, bringing significant updates that improve vulnerability detection, software inventory accuracy, and system performance. Let's dive into the highlights of this release and how these enhancements can boost your security strategy.
Enhanced Vulnerability Detection
Wazuh 4.11.0 now integrates vulnerability data from the Cybersecurity and Infrastructure Security Agency (CISA). Whenever CISA data is available, Wazuh will prioritize it over information from the National Vulnerability Database (NVD).
What does this mean for you? More detailed vulnerability assessments, fewer false positives, and improved alignment with trusted security sources.
Here's how it works: Wazuh first checks CISA's database for information on known vulnerabilities (CVEs). If no data is available for a specific CVE, it automatically falls back to NVD data as a secondary source. This structured approach enhances accuracy and ensures you receive the most relevant security insights.
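The source-priority lookup described above can be modelled in a few lines. This is an added illustration, not Wazuh's own code: the feed dictionaries, field names and CVE ids are constructed placeholders, and treating an empty CISA entry as "no data" is an assumption.

```python
from collections import Counter

# Constructed sample feeds keyed by placeholder CVE ids (not real CVEs).
CISA_FEED = {
    "CVE-0000-0001": {"severity": "High", "cvss": 8.1},
    "CVE-0000-0003": {},  # entry exists but carries no assessment
}
NVD_FEED = {
    "CVE-0000-0001": {"severity": "Critical", "cvss": 9.8},
    "CVE-0000-0002": {"severity": "Medium", "cvss": 5.3},
    "CVE-0000-0003": {"severity": "Low", "cvss": 3.1},
}

# Priority order described in the article: CISA first, NVD as fallback.
SOURCES = [("CISA", CISA_FEED), ("NVD", NVD_FEED)]


def resolve(cve_id, sources=SOURCES):
    """Return the first non-empty record for cve_id, tagged with its source."""
    for name, feed in sources:
        record = feed.get(cve_id)
        if record:  # assumption: a missing or empty entry counts as "no data"
            return {"cve": cve_id, "source": name, **record}
    return {"cve": cve_id, "source": None}


def resolve_all(cve_ids, sources=SOURCES):
    """Resolve every CVE and count how many came from each source."""
    results = [resolve(c, sources) for c in cve_ids]
    counts = Counter(r["source"] or "unresolved" for r in results)
    return results, dict(counts)


if __name__ == "__main__":
    detected = ["CVE-0000-0001", "CVE-0000-0002", "CVE-0000-0003", "CVE-0000-0004"]
    results, counts = resolve_all(detected)
    for r in results:
        print(r)
    print(counts)
```

Keeping the source tag on each record shows which feed a severity came from, which matters when the two feeds score the same CVE differently.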
Improved Wazuh Syscollector Module
The Wazuh Syscollector module has been enhanced to improve software detection on macOS and Windows, ensuring a more accurate software inventory.
Key updates include:
- Improved package detection on macOS.
- Expanded support for identifying pip and npm packages.
- Integration with the Windows Management Instrumentation (WMI) API for better detection of system updates on Windows environments.
These enhancements address previous gaps in software inventory tracking, ensuring the Wazuh agent accurately identifies packages across various environments. This improved visibility helps system administrators strengthen compliance checks and security monitoring. For more details, check out our system inventory documentation.
Updated Operating System for Wazuh AMI and OVA
The base operating system for Wazuh AMI and OVA virtual machine images has been upgraded from Amazon Linux 2 (AL2) to Amazon Linux 2023 (AL2023).
Why is this change important? The AL2023 upgrade offers:
- Improved system performance
- Enhanced security with the latest patches
- Better compliance with modern security standards
This update also mitigates security vulnerabilities present in AL2, ensuring a safer and more stable environment for virtualized infrastructures.
Conclusion
With each update, Wazuh continues to improve, delivering a stronger and more efficient security solution. Version 4.11.0 enhances vulnerability detection accuracy, improves software inventory control, and optimizes the virtualized environment with a more secure operating system.