Supported Security Integrations
Wazuh Security Platform
Type: SIEM / XDR
Capabilities: Event ingestion, active response triggering, and agent
management.
Elastic Security
Type: SIEM / Security Analytics
Capabilities: Deep log analysis, alert correlation, and security event
visualization.
Trend Micro Vision One
Type: XDR
Capabilities: Threat intelligence sharing, endpoint isolation, and risk
assessment.
Cisco Umbrella
Type: DNS Security
Capabilities: DNS-layer protection and blocking, domain categorization,
and threat enforcement.
Core Capabilities
1. Unified Threat Intelligence
Cross-Platform Correlation
Data Enrichment
- Correlate Wazuh alerts with Elastic logs for complete context
- Automatic enrichment of indicators (IPs, Hashes) using external threat feeds
Single Pane of Glass
- View alerts from multiple SIEMs and XDRs in one Myrmex dashboard
- Eliminate “swivel-chair” analysis between different consoles
2. Automated Response & Mitigation
Active Response
Agent Orchestration
- Trigger a Wazuh active response to block an IP
- Isolate a host in Trend Micro Vision One automatically upon a high-severity alert
Policy Enforcement
- Update Cisco Umbrella blocking lists based on detected local threats
- Universal enforcement across network and endpoint layers
3. Compliance & Reporting
Audit & Governance
Unified Reporting
- Generate compliance reports aggregating data from all connected platforms
- Track incident response SLAs across different tools
Getting Started
1. Connect Your Platform
Authenticate via API keys or secure connectors for Wazuh, Elastic, or Trend
Micro.
2. Map Fields
Ensure critical data fields (Source IP, User, Timestamp) are correctly
mapped for correlation.
3. Enable Agents
Activate specialized agents like hydra_wazuh or hydra_elastic to begin
bi-directional communication.
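
What the field mapping step involves, as an added example that is not Myrmex code: it maps a Wazuh alert and Elastic (ECS) documents onto common source IP, user and timestamp fields, then pairs them by source IP within a time window. The field paths, the five-minute window and the sample events are constructed assumptions; confirm the paths against your own decoders and indices.

```python
from datetime import datetime, timedelta, timezone

# Assumed mapping: common field -> dotted path in each platform's JSON.
# Wazuh paths follow its alert JSON (decoder output under "data");
# Elastic paths follow ECS. Verify against your decoders and indices.
FIELD_MAP = {
    "wazuh": {"src_ip": "data.srcip", "user": "data.dstuser", "ts": "timestamp"},
    "elastic": {"src_ip": "source.ip", "user": "user.name", "ts": "@timestamp"},
}

def dig(doc, path):
    """Follow a dotted path through nested dicts; None if a key is absent."""
    for key in path.split("."):
        if not isinstance(doc, dict) or key not in doc:
            return None
        doc = doc[key]
    return doc

def parse_ts(value):
    """Parse '...+0000' (Wazuh) or '...Z' (Elastic) into an aware UTC time."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%f%z").astimezone(timezone.utc)

def normalize(platform, doc):
    """Build the common record; fail loudly if a correlation field is unmapped."""
    rec = {name: dig(doc, path) for name, path in FIELD_MAP[platform].items()}
    missing = sorted(k for k, v in rec.items() if v is None)
    if missing:
        raise ValueError(f"{platform}: no value for {missing}")
    rec["ts"] = parse_ts(rec["ts"])
    return rec

def correlate(alerts, logs, window=timedelta(minutes=5)):
    """Pair each alert with logs sharing its source IP inside the window."""
    return [(a, l) for a in alerts for l in logs
            if a["src_ip"] == l["src_ip"] and abs(a["ts"] - l["ts"]) <= window]

# Constructed sample events (documentation IP ranges, invented times).
WAZUH_ALERT = {"timestamp": "2024-05-14T10:15:02.123+0000",
               "rule": {"level": 10},
               "data": {"srcip": "203.0.113.7", "dstuser": "root"}}
ELASTIC_DOCS = [
    {"@timestamp": "2024-05-14T10:17:30.000Z", "source": {"ip": "203.0.113.7"}, "user": {"name": "root"}},
    {"@timestamp": "2024-05-14T11:40:00.000Z", "source": {"ip": "203.0.113.7"}, "user": {"name": "root"}},
    {"@timestamp": "2024-05-14T10:16:00.000Z", "source": {"ip": "198.51.100.9"}, "user": {"name": "alice"}},
]

def demo():
    alerts = [normalize("wazuh", WAZUH_ALERT)]
    logs = [normalize("elastic", d) for d in ELASTIC_DOCS]
    return correlate(alerts, logs)
```

A document that lacks a mapped field raises `ValueError` instead of being silently left out of correlation, so a mapping gap surfaces when the event is ingested.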