AN INTEGRATED CYBERSECURITY APPROACH: INTEGRATING WAZUH AND BASE CVE (MITRE) FOR VULNERABILITY MANAGEMENT IN A CORPORATE ENVIRONMENT
PDF (Portuguese)

Keywords

Information Security. Wazuh. CVE (MITRE). Vulnerability Management. Incident Response.

How to Cite

Noura Teixeira, O., & Danilo Mendonça, E. (2026). AN INTEGRATED CYBERSECURITY APPROACH: INTEGRATING WAZUH AND BASE CVE (MITRE) FOR VULNERABILITY MANAGEMENT IN A CORPORATE ENVIRONMENT. Revista Gênero E Interdisciplinaridade, 7(01), 362-378. https://doi.org/10.51249/gei.v7i01.2819

Abstract

The acceleration of digital transformation has broadened the attack surface of organizations and increased the demand for systematic processes for identifying, prioritizing, and mitigating vulnerabilities. This study proposes and evaluates the integration between the Wazuh open-source platform and the CVE (MITRE) vulnerability database, aiming to consolidate a unified flow of monitoring and decision support in risk management. The research was conducted in a real corporate environment, at Frigorífico Santa Cruz, with an applied and exploratory approach. The implemented solution enabled real-time monitoring, event correlation, and automated alert generation, supporting prioritization by criticality. The results indicated increased efficiency in identifying critical vulnerabilities and a reduction in the average incident response time, suggesting that the Wazuh–CVE integration can strengthen security governance and expand the operational response capacity in organizations with limited resources.

