DetectEP: A Vulnerability Monitoring and Detection Tool Using Wazuh in a Military Institution (#1155)

Authors

Uribe Arroyo, Antony

Altamirano Irigoin, Javier

Quinto Huamán, Carlos

Romero Vela, Sonia Lidia

Ochoa Castillo, Percy Fortunato

Abstract

Currently, information security is essential for organizations across all sectors, particularly for military institutions, which handle sensitive data and operate in high-security environments. Cyberattacks, such as unauthorized access and data manipulation, are rapidly evolving in complexity, significantly increasing the risks faced, both personally and organizationally. Vulnerabilities in technological infrastructures, caused by software failures, misconfigurations, or weaknesses in security protocols, create openings for attackers, jeopardizing the integrity of systems. This article proposes a security monitoring tool designed to detect and manage vulnerabilities in real-time, using the Wazuh tool. A methodology was implemented, including the installation and configuration of Wazuh in the institution's technological infrastructure, followed by continuous monitoring. The results showed that, through monitoring, 115,311 events were detected in total, of which 37 were identified as authentication failures. Additionally, 135 vulnerabilities were detected, ranging from critical to medium levels. Wazuh demonstrated accuracy in monitoring and vulnerability detection, allowing for the timely implementation of corrective measures and strengthening system security.