OSSEC

OSSEC (Open Source HIDS SECurity) is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. OSSEC has a centralized, cross-platform architecture allowing multiple systems to be easily monitored and managed.[1] OSSEC has a log analysis engine that is able to correlate and analyze logs from multiple devices and formats.[2]

OSSEC
Developer(s)Daniel B. Cid
Stable release
3.3.0 / April 19, 2019 (2019-04-19)
Repository
Operating systemCross-platform
TypeSecurity / HIDS
LicenseGNU GPL v2
Websitewww.ossec.net

OSSEC is compliant with Payment Card Industry Data Security Standard (PCI DSS) requirements.

History

In June 2008, the OSSEC project and all the copyrights owned by Daniel B. Cid, the project leader, were acquired by Third Brigade, Inc. They promised to continue to contribute to the open source community and to extend commercial support and training to the OSSEC open source community.

In May 2009, Trend Micro acquired Third Brigade and the OSSEC project, with promises to keep it open source and free.

In 2018, Trend released the domain name and source code to the OSSEC Foundation.

The OSSEC project is currently maintained by Atomicorp who stewards the free and open source version and also offers an enhanced commercial version.

Software components

OSSEC consists of a main application, an agent, and a web interface.[3]

  • Manager (or server), which is required for distributed network or stand-alone installations.
  • Agent, a small program installed on the systems to be monitored.
  • Agentless mode, can be used to monitor firewalls, routers, and even Unix systems.

OSSEC Conferences

Since 2017, Atomicorp has been running the annual OSSEC Conference, where all active developers and members of the community get together to discuss OSSEC and its future.[4]

The 2019 OSSEC Con was held March 20-21st outside Washington DC. Slides and other materials from the conference are available here.

gollark: It works for me, maybe the thing has an outdated unicode database.
gollark: I'm aware that you can remove the role by just removing the bot, but it was irritating and I wanted to know if there was a better way.
gollark: I'll alert the bot addition team.
gollark: Hmm, this *does* appear to have a different set of bots to the other bot lists, great.
gollark: Interesting!

See also



References

  1. "About". OSSEC Project Team. 2017. Retrieved 2018-05-10.
  2. "Log Samples". OSSEC Project Team. 2017. Retrieved 2018-05-10.
  3. "OSSEC Architecture". OSSEC Project Team. 2017. Retrieved 2018-05-10.
  4. "About OSSEC - OSSEC Con2019". Atomicorp.com. Atomicorp. Retrieved 4 April 2019.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.