How to Cite
Abstract
In recent years, the demand for practical, real-world cybersecurity education has grown dramatically. Traditional lecture-based methods often fall short in equipping students with the applied skills needed to detect, analyze, and respond to current cyber threats. This paper presents a project-based educational framework focused on the deployment, configuration, and use of real-world software such as Wazuh. Rather than following predetermined steps, students engage with realistic endpoint and network security scenarios, such as installing and configuring Wazuh agents, monitoring and interpreting live system and application logs, detecting simulated security incidents such as brute-force attacks and malware execution, and applying industry-aligned procedures. Evaluation of student performance demonstrates substantial improvements in alert interpretation, rule configuration, and application of cybersecurity knowledge. Our findings indicate that integrating Wazuh into coursework effectively develops both practical technical skills and analytical thinking, aligns with national workforce competency standards, and provides a model that other courses can adopt to integrate enterprise security tools into the classroom.
Open Access License Notice:
This article is © its author(s) and is licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0). Beginning with Volume 13 (2026), this license is included directly within all published PDFs. For earlier articles, a cover page has been added to indicate the correct licensing terms. Any legacy copyright or pricing statements appearing within the PDF reflect prior print production workflows and do not represent the Journal’s current open access policy. For full details, please see the Journal’s License Terms.