Wazuh (SIEM)

Open Source Security Monitoring

As part of a broad initiative to strengthen security posture at Carousell Group, I was responsible for the implementation of Wazuh, a powerful open-source security platform. My work involved deploying Wazuh as a centralized SIEM and Host-based Intrusion Detection System (HIDS) to provide deep security visibility across our server fleet.

The core of the project was to onboard all virtual machines to the centralized Wazuh manager. I utilized Ansible to create an automated workflow for deploying and configuring the Wazuh agent across every environment. This ensured that the security team had immediate, comprehensive insight into system-level events, potential intrusions, and compliance status, fundamentally improving our ability to detect and respond to threats.

Key Competencies

  • SIEM Implementation: Deploying and configuring the Wazuh server and agents.
  • Automated Deployment: Using Ansible to automate the rollout of agents at scale.
  • Security Observability: Enabling real-time monitoring of security-related events on servers.
  • Intrusion Detection: Leveraging Wazuh's capabilities to detect potential security threats.