Developer(s) | Daniel B. Cid |
---|---|
Stable release | 2.6 / Jul 19, 2011 |
Operating system | Cross-platform |
Type | Security / HIDS |
License | GNU GPL v3 |
Website | www.ossec.net |
OSSEC is a free, open source host-based intrusion detection system (IDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows. It has a centralized, cross-platform architecture allowing multiple systems to be easily monitored and managed. It was written by Daniel B. Cid and made public in 2004.
Features were added to OSSEC to meet certain requirements for Payment Card Industry Data Security Standard (PCI DSS) compliance.[1] Details can be found documented in a PDF document provided by OSSEC.[1]
In June 2008 the OSSEC project and all the copyright owned by the project leader, Daniel B. Cid, were acquired by Third Brigade, Inc. They promised to continue to contribute to the open source community and extend commercial support and training to the OSSEC open source community.
In May 2009 Trend Micro acquired Third Brigade and the OSSEC project, with promises to keep it open source and free.
Contents |
OSSEC consists of a main application, a Windows agent, and a web interface software component.
OSSEC has a very strong log analysis engine, being able to correlate and analyze logs from multiple devices and formats. The following are currently supported: