Securing the Decentralized Edge: An Integrated Approach to Endpoint Security Monitoring and Threat Detection

Abstract

Modern IT infrastructure is undergoing a significant transformation, becoming increasingly complex and decentralized as organizations move away from centralized on premise data centers toward hybrid, multicloud, and edge computing models. This is a shift driven by the demand for higher resilience, lower latency, and the specialized requirements of modern AI workloads running on the edge. While this shift improves operational efficiency, it introduces significant challenges including limited visibility, legacy network bottlenecks, operational complexity, and a broadened attack surface as a result of the decentralized edge based infrastructure requiring new security approaches that go beyond traditional perimeter security. Adversaries increasingly exploit these decentralized environments for ransomware, espionage, or coscripting devices into botnets for large scale attacks. The resulting breaches carry severe consequences including financial loss, penalties from regulators, non-compliance and irreparable reputational damage. To address the aforementioned challenges, this paper proposes a zero Trust Architecture integrated with Wazuh. Using Wazuh’s comprehensive monitoring and incident response capabilities, organizations can implement a "never trust, always verify" framework that protects the decentralized edge against modern threat vectors. This paper provides practical guidance for IT professionals and students seeking to implement modern endpoint security and defend infrastructure against evolving cyber threats.