Cloudfence CloudMDR is an operational layer built on top of Wazuh that transforms it into a structured security operations platform. It is designed for organizations building an in-house SOC, MSSPs, and partners who need to scale security operations without increasing complexity. Core function: - Adds standardization, automation, and workflow structure to Wazuh-based environments - Enables centralized investigation and multi-tenant scalability - Supports integration with third-party security solutions Target audience: - SMBs and mid-market organizations - Organizations with or without an existing SOC - MSSPs and managed security partners - Multi-country and distributed environments Operational capabilities: - Standardized detection processes to reduce inconsistency across analyst workflows - Playbook and workflow automation to reduce manual effort and analyst fatigue - Centralized investigation interface for alert triage and response - Multi-tenant architecture for managing multiple clients or business units - Flexible deployment model: operate with an internal team or with Cloudfence-provided support Design principles: - Wazuh-native: does not require replacing existing tooling - Automation-first approach to reduce reliance on individual analysts - Structured and repeatable operational processes aimed at improving SOC maturity - Built to support distributed environments across multiple geographies