Host-based IDS (HIDS) agent on balenaOS device

Does anyone have any experience of running a Host-based IDS (HIDS) or Host Intrusion Prevention System (HIPS) agent e.g. Wazuh agent, on a balenaOS device?

I’m working on a project where security will be of utmost importance and we need to take all actions possible to detect suspcious activity and prevent things like malaware on the balenaOS devices which will be placed inside customers networks.


Hello @g.corrigan,

Maybe someone from the community has tried something similar before. It seems Wazuh should run on balenaOS, it supports armhf and there are a bunch of docker examples. There might be some extra configuration required, but in theory, it should work.


Thanks @ntzovanis. Will try Wazuh and see how it goes.