OSSEC

Open Source HIDS SECurity

Watching

OSSEC watches it all, actively monitoring all aspects of Unix system activity with file integrity monitoring, log monitoring, rootcheck, and process monitoring. With OSSEC you won't be in the dark about what is happening to your valuable computer system assets.

Alerting

When attacks happen, OSSEC lets you know through alert logs and email alerts sent to you and your IT staff so you can take quick action. OSSEC also exports alerts to any SIEM system via syslog so you can get real-time analytics and insights into your system security events.

Everywhere

Got a variety of operating systems to support and protect? OSSEC has you covered with comprehensive host-based intrusion detection across multiple platforms including Linux, Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX.

Host Intrusion Detection For Everyone

Open Source

OSSEC is fully open source and free for your use. You can tailor OSSEC for your security needs through its extensive configuration options, adding your custom alert rules and writing scripts that take actions in response to security alerts. You are free to modify the source code to add new capabilities.

PCI

OSSEC helps customers meet specific compliance requirements as outlined in PCI DSS 1.2/2.0. It lets customers detect and alert on unauthorized file system modifications and malicious behavior based on entries in the log files of COTS products as well as custom applications.

Support

OSSEC is supported by a large community of developers, IT admins and users. You can tap these resources through our GitHub site, by subscribing to one of our Google support groups, or by contacting one of our partner companies.

Trusted By Security Vendors And IT Departments

Atomicorp is your OSSEC expert and has developed a set of tools and rules for managing and securing the OSSEC host intrusion detection system. Our Atomic Secured OSSEC (ASO) secures your entire system and its applications and includes a cognitive self-healing system that will automatically fix vulnerabilities and problems on the system before damage and intrusions can occur.

Installing ASO allows you to instantly meet 99 of 130 technical PCI-DSS requirements, and Atomicorp offers comprehensive PCI-DSS, HIPAA and SOX services and support packages for OSSEC. We can plan your enterprise monitoring strategy for deployment, configuration, optimization, and even training your team to work with the open source software. Atomicorp is your comprehensive support team and we provide Threat Intelligence feeds for the OSSEC engine.

For assistance with your OSSEC deployment contact us at OSSEC Help.

Wazuh provides OSSEC support and professional services. The services include training, deployment assistance and annual support.

Wazuh has developed an OSSEC ruleset to improve detection capabilities. Among others, it includes rules to monitor PCI DSS controls and Amazon AWS environments.

Wazuh has integrated OSSEC and Elasticsearch, providing comprehensive alerts and monitoring dashboards. More info at: contact@wazuh.com

The AlienVault Unified Security Management™ (USM) platform provides five essential security capabilities in a single console, giving you everything you need to manage both compliance and threats. Understanding the sensitive nature of IT environments, we include active, passive and host-based technologies so that you can match the requirements of your particular environment. AlienVault USM uses OSSEC Host Intrusion Detection as one of its foundation technologies.