Open Source HIDS SECurity


OSSEC watches it all, actively monitoring all aspects of Unix system activity with file integrity monitoring, log monitoring, rootcheck, and process monitoring. With OSSEC you won't be in the dark about what is happening to your valuable computer system assets.


When attacks happen OSSEC lets you know through alert logs and email alerts sent to you and your IT staff so you can take quick actions. OSSEC also exports alerts to any SIEM system via syslog so you can get real-time analytics and insights into your system security events.


Got a variety of operating systems to support and protect? OSSEC has you covered with comprehensive host based intrusion detection across multiple platforms including Linux,Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX.

Host Intrusion Detection For Everyone

Open Source

OSSEC is fully open source and free for your use. You can tailor OSSEC for your security needs through its extensive configuration options, adding your custom alert rules and writing scripts that take actions in response to security alerts. You are free to modify the source code to add new capabilities.


OSSEC helps customers meet specific compliance requirements as outlined in PCI DSS 1.2/2.0. It lets customers detect and alert on unauthorized file system modifications and malicious behavior based on entries in the log files of COTS products as well as custom applications.


OSSEC is supported by a large community of developers, IT admins and users. You can tap these resources through our Github site, subscribing to one of our Google support groups, or by contacting one of our partner companies.

Trusted By Security Vendors And IT Departments

Atomicorp is the producer of Atomic Secured Linux™ which provides the most secure Linux kernel on the market that combines OSSEC host intrusion detection, a threat manager that hardens both your web applications and the operating system, and a self healing system that automatically fixes problems as they occur, from crashed processes on your server, to problems with your database, to even basic system errors.

Atomicorp provides comprehensive support and Threat Intelligence feeds for OSSEC. Contact: OSSEC Support

Wazuh provides OSSEC support and professional services. The services include training, deployment assistance and annual support.

Wazuh has developed an OSSEC ruleset, to improve detection capabilities. Among others, it includes rules to monitor PCI DSS controls, and Amazon AWS environments.

Wazuh has integrated OSSEC and Elasticsearch, providing comprehensive alerts and monitoring dashboards. More info at: contact@wazuh.com

The AlienVault Unified Security Management™ (USM) platform provides five essential security capabilities in a single console, giving you everything you need to manage both compliance and threats. Understanding the sensitive nature of IT environments, we include active, passive and host-based technologies so that you can match the requirements of your particular environment. AlienVault USM uses OSSEC Host Intrusion Detection as one of its foundation technologies.