In Part 1 we connected AWS Bedrock Claude to the Wazuh Dashboard chat via ML Commons. That approach works well for analysts working inside the Wazuh UI. In this part we open a second channel: Model Context Protocol (MCP), which allows any compatible client - Claude Desktop, custom applications, CI pipelines - to query Wazuh Indexer data through a standardized tool interface.
[Read More]In the previous article we embedded a local Ollama model directly into the Wazuh Dashboard chat via ML Commons. That approach provides full control over data with no cloud dependencies. In this series we take a parallel path: using AWS Bedrock - specifically Claude Sonnet 4.5 - as the inference backend, while all security data stays strictly within the local Docker network.
[Read More]I’m excited to announce that I have officially joined the Wazuh Ambassador Program. This is a significant milestone in my journey with open-source security, and I’m honored to represent and contribute to a platform that has become central to my professional work.
My path with host-based intrusion detection started long before Wazuh existed – with OSSEC, its predecessor. When Wazuh emerged as a fork and began evolving into the comprehensive security platform it is today, I transitioned along with it. That was over 10 years ago, and Wazuh has been an integral part of my security infrastructure work ever since.
[Read More]Senior Site Reliability Engineer with 14+ years building, scaling, and maintaining critical infrastructure across diverse technology environments.
[Read More]