All Posts

OSSEC 2.9.0 Beta05

This release marks our official code freeze for 2.9; from here on out we will only be accepting bug fixes to the 2.9 branch. Now is when we need your help! As a community-driven project, we need all the testing a release this size can get. Let us know in the OSSEC mailing list, GitHub bug tracker, or the official OSSEC IRC channel.



OSSEC 2.8.3 Released

OSSEC 2.8.3 has been released and posted on our Downloads page. You can check the Release Notes to find out what has been updated in this release.



CVE-2015-3222 Vulnerability Fixed in OSSEC 2.8.2

The CVE-2015-3222 vulnerability, which allows for root escalation via syscheck, has been fixed in OSSEC 2.8.2. Full details of the issue can be found on the OSSEC GitHub repository – https://github.com/ossec/ossec-hids/releases/tag/2.8.2.



OSSEC Virtual Appliance 2.8.1 Available

I have updated the OSSEC Virtual Appliance to include OSSEC 2.8.1 and Elasticsearch-Logstash-Kibana (ELK) log management and the ElasticHQ system to handle ELK monitoring. It is a single gzipped OVA that can be easily imported into VirtualBox or any other virtualization system that supports OVA files.



OSSEC CON 2014 Recap

OSSEC CON 2014 was held in Cork, Ireland this year to promote OSSEC in EMEA, where we have many users. This year we had several members of the current OSSEC Team speak to our audience.



CVE-2014-5284 Vulnerability Fixed in OSSEC 2.8.1

OSSEC 2.8.1 has been released to address the security issue identified by Jeff Petersen of Roka Security LLC. Full details of the issue can be found on the OSSEC GitHub repository – https://github.com/ossec/ossec-hids/releases/tag/2.8.1.



OSSEC Commercial Support Contracts

OSSEC Commercial Support contracts will no longer be available directly from Trend Micro as of March 2014; however, all existing agreements will continue to be fully supported until the end of their respective terms.



OSSEC 2.7.1 Released

OSSEC 2.7.1 has been released and posted on our download page. You can check the release notes to find out what has been updated in this release.



OSSEC 2.8 Beta-1 is Available

The OSSEC developers have been hard at work on version 2.8 and we have made Beta-1 packages available for testing. See the Downloads page. Help us with the testing and fine-tuning of this preliminary release.



CVE-2014-0160 (Heartbleed bug) Advisory for OSSEC

The recently disclosed CVE-2014-0160 vulnerability – Heartbleed read overrun – in OpenSSL may impact OSSEC installations where OSSEC was deployed with OpenSSL support, either when built from source or installed from RPMs. In particular, this issue leaves ossec-authd open to attack.



Debian Packages Now Available

Our friends at AlienVault have created and now host Debian packages of OSSEC for Ubuntu Wheezy, Jessie and Sid. See the Downloads page for the links to the packages and AlienVault’s repositories. Thanks to OSSEC Project team member Santiago Gonzalez for taking the time to create these packages and AlienVault for hosting them.



OSSEC Moving to Github

OSSEC is moving from Bitbucket to GitHub, and in the process moving to a new method for accepting contributions. This is an exciting change that we feel will help push OSSEC forward in 2014 and further into the future.



OSSEC Log Management with Elasticsearch

Among the many useful features of OSSEC is its capability to send alerts to any system that can consume syslog data. This makes it easy to combine OSSEC with a number of third-party SIEMs to store, search and visualize security events. Splunk for OSSEC is one such system that works on top of the Splunk platform.
