This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)(Learn how and when to remove this template message)
|Developer(s)||Daniel B. Cid|
2.9.3 / December 23, 2017
|Type||Security / HIDS|
|License||GNU GPL v2|
OSSEC (Open Source HIDS SECurity) is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. OSSEC has a centralized, cross-platform architecture allowing multiple systems to be easily monitored and managed. OSSEC has a log analysis engine that is able to correlate and analyze logs from multiple devices and formats.
In June 2008, the OSSEC project and all the copyrights owned by Cid, the project leader, were acquired by Third Brigade, Inc. They promised to continue to contribute to the open source community and to extend commercial support and training to the OSSEC open source community.
In May 2009, Trend Micro acquired Third Brigade and the OSSEC project, with promises to keep it open source and free.
It is compliant with Payment Card Industry Data Security Standard (PCI DSS) requirements.
- Manager (or server), which is required for distributed network or stand-alone installations.
- Agent, a small program installed on the systems to be monitored.
- Agentless mode, can be used to monitor firewalls, routers, and even Unix systems.