=== Wazuh on FreeBSD Links: + link:https://www.wazuh.com/[Wazuh] URL: link:https://www.wazuh.com/[] Contact: José Alonso Cárdenas Márquez Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. Wazuh features include full integration with https://www.elastic.co/elastic-stack/[Elastic Stack] and https://opensearch.org/[OpenSearch], providing a search engine and data visualization tool through which users can navigate security alerts. Wazuh porting to FreeBSD was started by mailto:m.muenz@gmail.com[Michael Muenz]. His first Wazuh addition to the ports tree was package:security/wazuh-agent[] in September 2021. In July 2022, I took maintainership of this port and started porting other Wazuh components. Currently, all Wazuh components are ported or adapted: package:security/wazuh-manager[], package:security/wazuh-agent[], package:security/wazuh-server[], package:security/wazuh-indexer[], and package:security/wazuh-dashboard[]. On FreeBSD, package:security/wazuh-manager[] and package:security/wazuh-agent[] are compiled from Wazuh source code. package:security/wazuh-indexer[] is an adapted package:textproc/opensearch[] used for storing agents data. package:security/wazuh-server[] includes FreeBSD-oriented adaptions to configuration files. Runtime dependencies comprise package:security/wazuh-manager[], package:sysutils/beats8[] (filebeat), and package:sysutils/logstash8[]. package:security/wazuh-dashboard[] uses an adapted package:textproc/opensearch-dashboards[] and the wazuh-kibana-app plugin generated from wazuh-kibana-app source code for FreeBSD. The main goal of this work is enhancing visibility of FreeBSD as a useful platform for information security or cybersecurity. Additionally, you can easily test a Wazuh single-node infrastructure (All-in-one) using link:https://github.com/alonsobsd/wazuh-makejail[] or link:https://github.com/AppJail-makejails/wazuh[] from link:https://github.com/DtxdF/AppJail[AppJail]. AppJail is a good tool for managing jail containers from the command line. People interested in helping with the project are welcome. Current version: 4.4.4 TODO * Add Wazuh cluster-mode infrastructure makejail (Work in progress) * Add FreeBSD to platforms officially supported by Wazuh Inc; see link:https://github.com/wazuh/wazuh-kibana-app/pull/5413[] * Add FreeBSD SCA Policy (Work in progress)